Sun’s NIS+

NIS was designed for a small, friendly computing environment. As Sun Microsystems’ customers began to build networks with thousands or tens of thousands of workstations, NIS started to show its weaknesses:

  • NIS maps could be updated only by logging onto the server and editing files.

  • NIS servers could be updated only in a single batch operation. Updates could take many minutes, or even hours, to complete.

  • All information transmitted by NIS was transmitted without encryption, making it subject to eavesdropping.

  • NIS updates themselves were authenticated with AUTH_UNIX RPC authentication, making them subject to spoofing.

To respond to these complaints, Sun started working on an NIS replacement in 1990. That system was released a few years later as NIS+.

NIS+ quickly earned a bad reputation. By all accounts, the early releases were virtually untested and rarely operated as promised. Furthermore, the documentation was confusing and incomplete. Sun sent engineers into the field to debug their software at customer sites. Eventually, Sun worked the bugs out of NIS+, and today it is a more reliable system for secure network management and control.

An excellent reference for people using NIS+ is Rick Ramsey’s book, All About Administrating NIS+ (SunSoft Press, Prentice Hall, 1994).

What NIS+ Does

NIS+ creates network databases that are used to store information about computers and users within an organization. NIS+ calls these databases tables; they are functionally similar to NIS maps ...

Get Practical UNIX and Internet Security, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.