[NTLUG:Discuss] NIS
Leroy Tennison
leroy_tennison at prodigy.net
Wed Aug 12 23:09:36 CDT 2009
Chris Cox wrote:
> Leroy Tennison wrote:
>> I heard something at work that I haven't been able to find an answer to
>> easily via Google so I'm looking for someone who knows. What I heard
>> was that, if you didn't run nscd, it effectively disabled the NIS
>> client. Something about that doesn't sound quite right to me but I've
>> never worked with NIS so I'd rather ask that assume something. The
>> context was Solaris but it raises the general question as to whether a
>> caching mechanism has an impact on services such as NIS (and maybe
>> others like it).
>
> You do NOT need nscd. In fact, it cause some behaviors you might not
> like. Since nscd caches NIS maps, that means it cache the passwd map
> (arguably the main benefit of the caching nowadays). While this can
> greatly speed up user/group lookups (which are done almost constantly on
> any system), it also caches the password hash. So when a user changes
> their password, the change is NOT done immediately on NIS clients for
> which the entry is already cached (causing some frustration until the
> cache is expired).
>
>> A related question, what's the best way to insure that NIS client
>> functionality is disabled (that's the goal)? I realize that with *NIX
>> there's probably a half dozen ways to accomplish this so I'll clarify a
>> bit: What's the optimum method as far as ease of implementation without
>> too much risk that an inadvertent configuration "oops" would nullify it?
>
> /etc/init.d/ypbind stop
> To stop ypbind immediately.
>
> Remove ypbind from the init startups.
>
> Uninstall ypbind.
>
> Also, in many cases simply removing nis from your /etc/nsswitch.conf
> will disable quite a bit (if not everything), though you'll still be
> bound, just the info won't be used anymore.
>
>> Thanks for your help.
>>
>> _______________________________________________
>> http://www.ntlug.org/mailman/listinfo/discuss
>>
>>
>
>
> _______________________________________________
> http://www.ntlug.org/mailman/listinfo/discuss
>
Thank you, I appreciate the good ideas.
More information about the Discuss
mailing list