Mac OS X 10.1: Binding Local NetInfo Database to an NIS Domain

Network Information System (NIS) is similar to NetInfo in that it allows multiple computers to share administrative data that is stored on one computer. However, NIS uses standard UNIX flat files for this administrative data, while NetInfo uses a distributed database. Setting up Mac OS X to be an NIS client should not affect NetInfo.
This article assumes knowledge of NetInfo and its structure. For more information on NetInfo, see technical document 60038: "Mac OS X Server: What Is NetInfo?" This document also contains instructions on backing up the database, which should be done before continuing.

For Mac OS X to bind to an NIS domain, the /etc/hostconfig file must be changed, and lookupd must be configured to use NIS. The easiest way to accomplish this task is to log in as root. Alternatively, the steps below can be performed in the Terminal by an Admin user (a member of the admin group). The file system may not be in a state capable of restarting the computer if this procedure is not followed correctly. Therefore you should make backup copies of the /etc/hostconfig file and /var/db/netinfo/local.nidb.

Edit the hostconfig file

Open the /etc/hostconfig file with TextEdit or a command line text editor. From the Terminal, the file can be opened in TextEdit with the command "open -e /etc/hostconfig".

Find the "NISDOMAIN" entry. This is set to "-NO-" by default. Remove "-NO-" and type in the NIS domain name that the computer will bind to, ie NISDOMAIN=my.domain. This information can be obtained from the NIS administrator. Next, the line that contains RPCSERVER=-AUTOMATIC- must be change to RPCSERVER=-YES-. This will allow the portmap daemon to startup. Portmap is required for NIS to function properly.

Set up lookupd

To properly configure lookupd to use NIS, you must add directories, properties, and values to NetInfo. For a description of how these are used in NetInfo read technical document 60038: "Mac OS X Server: What Is NetInfo?".

First the /locations/lookupd directory must be created in NetInfo using the command:

nicl . -create /locations/lookupd

Next, this directory must be populated with the correct subdirectories, properties, and values. To create a sample lookupd.config file, copy the text from the section "Sample lookupd.config file" and save it as a text-only file named "lookupd.config". Then issue this command in the directory that contains this lookupd.config file:

niload -r /locations/lookupd . < lookupd.config

This file is only an example. It will provide an NIS client access to hosts, groups, users, and netgroups from an NIS domain. These examples can be expanded to other NIS maps, except for the auto.master map. This map type is not supported and will not work with Mac OS X.

Pictures

Here are some graphics of a completed lookupd configuration that can be used to ensure that the setup is correct. These graphics can also be used as a guide to configure lookupd if niload is not used.




Figure 1 The lookupd directory and its values and subdirectories.




Figure 2 The lookupd subdirectory groups and its values




Figure 3 The lookupd subdirectory hosts and its values




Figure 4 The lookupd subdirectory netgroups and its values




Figure 5 The lookupd subdirectory users and its values

Sample lookupd.config file

Copy below this line:

{
"LookupOrder" = ( "CacheAgent", "NIAgent", "YPAgent" );
"name" = ( "lookupd" );
"MaxThreads" = ( "12" );
CHILDREN = (
{
"name" = ( "groups" );
"LookupOrder" = ( "CacheAgent", "NIAgent", "YPAgent" );
},
{
"name" = ( "users" );
"LookupOrder" = ( "CacheAgent", "NIAgent", "YPAgent" );
},
{
"name" = ( "hosts" );
"LookupOrder" = ( "CacheAgent", "NIAgent", "YPAgent", "DNSAgent", "NILAgent" );
},
{
"name" = ( "netgroups" );
"LookupOrder" = ( "CacheAgent", "NIAgent", "YPAgent" );
}
)
}

Stop copying above this line.
Published Date: Feb 17, 2012