fns_nis - overview of FNS over NIS (YP) implementation


     Federated  Naming  Service  (FNS)  provides  a  method   for
     federating  multiple  naming services under a single, simple
     interface for the basic naming operations. One of the naming
     services  supported  by FNS is NIS (YP), the enterprise-wide
     information services in Solaris (see  ypcat(1),  ypmatch(1),
     ypfiles(4)).  FNS  provides the XFN interface for performing
     naming and attribute operations on  FNS  enterprise  objects
     (organization,  site,  user, host and service objects) using
     NIS. FNS stores bindings for these objects in NIS  and  uses
     them in conjunction with existing NIS objects.

  FNS Policies and NIS
     FNS defines policies for naming  objects  in  the  federated
     namespace  (see  fns_policies(5)).  At the enterprise level,
     FNS policies specify naming for organizations, hosts, users,
     sites,  and  services.  The  enterprise-level naming service
     provides contexts to allow other objects to be  named  rela-
     tive to these objects.

     The FNS organizational unit namespace provides a  hierarchi-
     cal namespace for naming subunits of an enterprise. However,
     NIS does not support a  hierarchical  organizational  struc-
     ture.  Therefore,  a  NIS  domain maps to a single organiza-
     tional unit in the FNS namespace.

     Users in an FNS organizational unit correspond to the  users
     in  the  passwd.byname  map of the corresponding NIS domain.
     FNS provides a context for each user  in  the  passwd.byname

     Hosts in an FNS organizational unit correspond to the  hosts
     in  the   hosts.byname  map of the corresponding NIS domain.
     FNS provides a context for each host  in  the   hosts.byname

  Federating NIS with DNS or X.500
     Federating NIS with the global naming systems DNS  or  X.500
     makes  NIS  contexts accessible outside of an NIS domain. To
     enable the federation,  the  administrator  must  first  add
     address  information in either DNS or X.500 (see  fns_dns(5)
     and fns_x500(5)).  After this administrative step  has  been
     taken, clients outside of the NIS domain can access contexts
     and perform  operations.

  Security Considerations
     Changes  to  the  FNS  information   (using   the   commands
     fncreate(1M),     fncreate_fs(1M),     fncreate_printer(1M),
     fnbind(1), fndestroy(1M), fncheck(1M), and fnunbind(1))  can
     be  performed only by the privileged users on the NIS master
     server that maintains the FNS information.

     For example, the command fncreate(1M) creates  the  NIS  map
     for  the  associated NIS domain in the system on which it is
     executed. Hence, the command must be  run  by  a  privileged
     user  either  on  the  NIS master server or on a system that
     will serve as a NIS master server for FNS.

     The NIS object name that corresponds  to  an  FNS  composite
     name can be obtained using fnlookup(1) and fnlist(1).


     fnbind(1), fnlist(1),  fnlookup(1),  fnunbind(1),  ypcat(1),
     ypmatch(1),   fncheck(1M),   fncreate(1M),  fncreate_fs(1M),
     fncreate_printer(1M), fndestroy(1M), xfn(3XFN),  ypfiles(4),
     fns(5),  fns_dns(5),  fns_files(5),  fns_initial_context(5),
     fns_nis+(5), fns_policies(5), fns_references(5), fns_x500(5)

Man(1) output converted with man2html