[NTLUG:Discuss] NIS

Leroy Tennison leroy_tennison at prodigy.net
Wed Aug 12 23:09:36 CDT 2009


Chris Cox wrote:
> Leroy Tennison wrote:
>> I heard something at work that I haven't been able to find an answer to 
>> easily via Google so I'm looking for someone who knows.  What I heard 
>> was that, if you didn't run nscd, it effectively disabled the NIS 
>> client.  Something about that doesn't sound quite right to me but I've 
>> never worked with NIS so I'd rather ask that assume something.  The 
>> context was Solaris but it raises the general question as to whether a 
>> caching mechanism has an impact on services such as NIS (and maybe 
>> others like it).
> 
> You do NOT need nscd.  In fact, it cause some behaviors you might not
> like.  Since nscd caches NIS maps, that means it cache the passwd map
> (arguably the main benefit of the caching nowadays).  While this can
> greatly speed up user/group lookups (which are done almost constantly on
> any system), it also caches the password hash.  So when a user changes
> their password, the change is NOT done immediately on NIS clients for
> which the entry is already cached (causing some frustration until the
> cache is expired).
> 
>> A related question, what's the best way to insure that NIS client 
>> functionality is disabled (that's the goal)?  I realize that with *NIX 
>> there's probably a half dozen ways to accomplish this so I'll clarify a 
>> bit: What's the optimum method as far as ease of implementation without 
>> too much risk that an inadvertent configuration "oops" would nullify it?
> 
> /etc/init.d/ypbind stop
> To stop ypbind immediately.
> 
> Remove ypbind from the init startups.
> 
> Uninstall ypbind.
> 
> Also, in many cases simply removing nis from your /etc/nsswitch.conf
> will disable quite a bit (if not everything), though you'll still be
> bound, just the info won't be used anymore.
> 
>> Thanks for your help.
>>
>> _______________________________________________
>> http://www.ntlug.org/mailman/listinfo/discuss
>>
>>
> 
> 
> _______________________________________________
> http://www.ntlug.org/mailman/listinfo/discuss
> 
Thank you, I appreciate the good ideas.



More information about the Discuss mailing list