NIS+ is a

directory service In computing, a directory service or name service maps the names of network resources to their respective network addresses. It is a shared information infrastructure for locating, managing, administering and organizing everyday items and network ...

developed by Sun Microsystems to replace its older 'NIS' (

Network Information Service The Network Information Service, or NIS (originally called Yellow Pages or YP), is a client–server directory service protocol for distributing system configuration data such as user and host names between computers on a computer network. Sun M ...

). It is designed to eliminate the need for duplication across many computers of configuration data such as user accounts, host names and addresses, printer information and NFS disk mounts on individual systems, instead using a central repository on a master server, simplifying system administration. NIS+ client software has been ported to other

Unix Unix (; trademarked as UNIX) is a family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix, whose development started in 1969 at the Bell Labs research center by Ken Thompson, Dennis Ritchie, an ...

and

Unix-like A Unix-like (sometimes referred to as UN*X or *nix) operating system is one that behaves in a manner similar to a Unix system, although not necessarily conforming to or being certified to any version of the Single UNIX Specification. A Unix-li ...

platforms. Prior to the release of Solaris 9 in 2002, Sun announced its intent to remove NIS+ from Solaris in a future release and now recommends that customers instead use an

LDAP The Lightweight Directory Access Protocol (LDAP ) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Directory servi ...

-based lookup scheme. NIS+ was present in Solaris 9 and 10 (although both releases include tools to migrate NIS+ data to an LDAP server) and it has been removed from Solaris 11.

NIS vs. NIS+

NIS and NIS+ are similar only in purpose and name, otherwise, they are completely different implementations. They differ in the following ways: * NIS+ is hierarchical. * NIS+ is based around Secure RPC (servers must authenticate clients and vice versa). * NIS+ may be replicated (replicas are read-only). * NIS+ implements permissions on directories, tables, columns and rows. * NIS+ also implements permissions on operations, such as being able to use to transfer changed data from a master to a replica.

The problem of managing network information

In the 1970s, when computers were expensive, and networks consisted of a small number of nodes, administering network information was manageable, and a centralized system was not needed. As computers became cheaper and networks grew larger, it became increasingly difficult to maintain separate copies of network configurations on individual systems. For example, when a new user was added to the network, the following files would need to be updated on every existing system: Likewise, would have needed updating every time a new group was added and would have needed updating every time a new computer was added to the network. If a new user with a new system was added to a network of 20 existing systems, the UNIX administrator would need to modify 5 files on 21 machines - 105 files in all. With NIS+, adding users and machines to the network requires changes only to the NIS+ server's maps and the new host's /etc/nsswitch.conf needs to point to the NIS+ server. When a user logs into any other machine, that host (the NIS+ client), knowing who the NIS+ server is, queries it for the username and password to identify and authenticate the user. NIS+ also manages several other types of data: NFS mounts (auto_master, auto_home), network booting and other parameters (bootparams, ethers, netmasks, netgroup, networks, protocols, rpc, services), security access (cred), aliases, and time zone. An installation of NIS+ comes with such table structures predefined. There are facilities available to create other tables as needed.

Alternatives

Other alternative schemes for storing network information exist, such as the

standard maintained by the

IETF The Internet Engineering Task Force (IETF) is a standards organization for the Internet and is responsible for the technical standards that make up the Internet protocol suite (TCP/IP). It has no formal membership roster or requirements and a ...

, including Microsoft's LDAP implementation,

Active Directory Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It is included in most Windows Server operating systems as a set of Process (computing), processes and Windows service, services. Initially, Active D ...

. LDAP can be configured to handle more general information, such as corporate employee structures, phone numbers, address, etc. so it requires more thought and planning. Many organizations require all the features of NIS+, LDAP, and Active Directory and run them all simultaneously. Another alternative that has been popular in certain environments is the

Hesiod Hesiod (; grc-gre, Ἡσίοδος ''Hēsíodos'') was an ancient Greek poet generally thought to have been active between 750 and 650 BC, around the same time as Homer. He is generally regarded by western authors as 'the first written poet ...

name service, which is based on the DNS protocols.

NIS+ client/server model

Unlike NIS, NIS+ uses a hierarchical structure of multiple domains. A NIS+ domain can, and should, be serviced by multiple servers. The primary server is known as the master server, and backup servers are known as replica servers. Both types hold copies of the NIS+ tables. Changes are first committed to the master server and then propagated to replica servers in increments. NIS+ table permissions determine a user's level of access to the table's contents.

References

External links