[SUMMARY] How do you recover NIS+

From: David Gempton (ttcdg@cyberspace.co.nz)
Date: Fri Mar 08 1996 - 03:48:20 CST


Many thanks to all those who replied, I owe you one :)

Original question:
=================================================
> I'd like to here from anyone who has had to recover an NIS+ environment on a root master.
>
> What sort of problems did you have after recovering ?
> What sort of backups do you make of your /var/nis area. tar, cpio, usfdump ?
> What problems lead to you having to recover the NIS setup ?
>
Answers:
===================================================
Summary:
In general most people seem to be reling on making ASCII dumps of the NIS tables with the idea of using them via nis populate if they need to recover NIS.

As far as I am aware this method will remove the user account passwords and passowrd aging data. This is not what I think of when I think of doing a recovery. I received a note from a chap with 15,000 user accounts. Im sure he would not want to tell all of his users that they must change their passwds.

The method I preferred was:
=========================
At one point I lost my NIS+ setup when installing WordPerfect. Didn't
notice for a while because the cache manager had the answers, but I'd rebooted
the server and suddenly all hell broke loose!

I simply restored the whole of /var/nis (I use networker) and rebooted the
machine and it all worked again.

rgds
Stephen Harris
                 --------- and ------------
My journal is at work, but as far as I remember, all that was needed was
to restore the /var/nis tree and /etc/.rootkey
(and perhaps /etc/publickey ?). Of course, you would need to get back
the NIS+ version of the /etc/nsswitch.conf file, if that had changed.

There were no problems that could be blamed ;-) on the NIS+ stuff.

We do frequent ufsdump backups of the file systems.

The problem on the root master occurred about a year ago, when I ran
into a problem during an upgrade. Fortunately, I had previously ufsdumped "/"
from which the NIS+ stuff among other things could be pulled off.

Wolfgang H. Holzmann

(Just a note -- Last week I found out that after a passwd table import you have no aging details (assuming you had them when you dumped the table). When you enable passwd aging the users accounts will be forced to change their passwd. This is because when you enable aging the date field for last passwd change is 0 which equals Jan 1970. So of course the passwd get expired.



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:10:55 CDT