SUMMARY: Why isn't Sun Inc. not running NIS+

From: Patrick Farley (patrick_farley@hotmail.com)
Date: Wed Aug 05 1998 - 14:00:10 CDT


Thanks for all the replies!
Here they all are.

-Patrick

******************************************************

Date: Tue, 4 Aug 1998 08:34:31 -0400
From: bill@aloft.micro.lucent.com (Bill Shorter - Local Account)
To: patrick_farley@hotmail.com
Subject: Re: Why isn't Sun Inc. not running NIS+
SEVERAL YEARS AGO, it was because it cost too much to cut over to
NIS+.Down time. Admin confusion. Level of expertise to learn/use NIS+.I
personally asked high ranking Sun managers this question. That wastheir
answer, SEVERAL YEARS AGO when you had to guess that there mightbe an
NIS kit for Solaris 2.We run NIS here. I deduced that a kit might be
available, twisted armsand got it. We NEVER ran NIS+ at most of our
sites.Bill Shorter

From: SALLEA@kben.co.uk
To: patrick_farley@hotmail.com
Subject: RE: Why isn't Sun Inc. not running NIS+
Date: Tue, 4 Aug 1998 13:34:00 +0100
Your right they don't run NIS+ on a corporate scale, although some
officesdo use it for restricted domains...And the reason, because a) its
never been that easy to maintain and b) theyknew they'd be dropping it
from Solaris or rather promoting a newer namingservice supported by
other vendors...Regards, Alex

Date: Tue, 04 Aug 1998 07:36:29 -0500
From: Kevin Van Der Hart <kvanderhart@vermeermfg.com>
Reply-To: kvanderhart@vermeermfg.com
To: Patrick Farley <patrick_farley@hotmail.com>
Subject: Re: Why isn't Sun Inc. not running NIS+
If you can keep from switching to NIS+ do it. NIS+ has a lot of
problems. I currently have a NIS+ root master, 5 replica servers, and 5
NIS+ clients.Keeping this working can be a job in itself. Once it is up
and running itseems to work fine unless you have a glitch in your
system. For example.One of the replica servers is an Ultra Enterprise 1.
The power supply forit went up in smoke and I didn't have a spare. I
have been trying to swapan Ultra 10 in for this server but it won't
become a replica because theroot master says it already is one. But i
can't remove it from the rootmaster as a replica because the root master
can't contact it's NIS+services. I probably would have been Ok if I
could have used the Ultra 1hard drive in the Ultra 10 but SCSI vs EIDE
didn't allow that. We have beenusing NIS+ for about 2 years now and
although it is better with 2.5.1 thanit was with 2.4 or 2.5 it still is
a large pain any time you haev to make changes to the system.

Date: Tue, 04 Aug 1998 06:25:08 -0600
From: Matt Reynolds <matt@aztek-eng.com>
To: Patrick Farley <patrick_farley@hotmail.com>
Subject: Re: Why isn't Sun Inc. not running NIS+
Flaws ? Bugs ?I run NIS+ exclusively and like it very much - haven't
hadany difficulties!Regards,Matt Reynolds

To: "Patrick Farley" <patrick_farley@hotmail.com>
Subject: Re: Why isn't Sun Inc. not running NIS+
Date: Tue, 04 Aug 1998 08:09:00 -0500
From: Gene Rackow <rackow@mcs.anl.gov>
I don't know if it's still the case, but there is a major problem
forsome sites to convert where you have a username == machinename.For
example you have username farley, you can't have a
machinefarley.hotmail.com. Considering the 1000's of machines that Sun
has,and not all of them are running the latest OS levels, this may slow
down deployment. There are other things that don't work the same with
NIS+,and when you have a large system built around NIS, it's not always
easyto convert. Not all machines run NIS+. IBM-RS6000, Linux, SGI,
SunOS, and others, though this is probably not an issue in Sun.I'm not
saying that Sun isn't converting because NIS+ has bugs. Nor amI
attempting to justify why they are not using it. Just giving
someexamples as to why some sites may not change.

Date: Tue, 4 Aug 1998 09:10:25 -0400
From: blained@kostabi.gdls.com (David W. Blaine)
To: patrick_farley@hotmail.com
Subject: Re: Why isn't Sun Inc. not running NIS+
Because it sucks?! Yes, that's it. NIS+ sucks. NIS+ has more bugs than
NIS does. If you have a firewall on your network than the security gains
NIS+ provides aren't enough to outweigh the headaches (IMHO).

From: "Marco Greene" <cmgreene@netcom.ca>
To: "Patrick Farley" <patrick_farley@hotmail.com>
Subject: Re: Why isn't Sun Inc. not running NIS+
Date: Tue, 4 Aug 1998 09:35:57 -0700
I don't know why Sun isn't running NIS+ in their own environment but if
youonly have a small network and NIS is working fine for you I would
notupgrade, unless you are looking to take advantage of some of the
benefits ofNIS+ over NIS. One of these benefits is increased security.
With NIS anymachine with the correct domain name can become a client of
the server, withNIS+ their is authentication and authorization required
before the clientcan communicate with the server.In terms of bugs, I
have used NIS+ without too many problems. As long asyou stick with the
guidelines provided by Sun you won't have any problems.

From: Rich Pieri <rich.pieri@prescienttech.com>
To: "Patrick Farley" <patrick_farley@hotmail.com>
Subject: Re: Why isn't Sun Inc. not running NIS+
Date: 04 Aug 1998 10:09:50 -0400
Because NIS and NIS+ are difficult to set up, annoying to maintain, and
alltoo frequently brain-damaged. They also open up a variety of
securityholes, the fix being not using a thing you (they) do not need.

Date: Tue, 4 Aug 1998 08:20:15 -0700 (PDT)
From: Wolf Schaefer <schaefer@wolfe.llnl.gov>
To: Patrick Farley <patrick_farley@hotmail.com>
Subject: Re: Why isn't Sun Inc. not running NIS+
Patrick,\The rumor is that Sun is planning to dump NIS+.Wolf

Date: Tue, 4 Aug 1998 08:35:56 -0700 (PDT)
From: Janet Hoo <Janet.Hoo@Ebay.Sun.COM>
Reply-To: Janet Hoo <Janet.Hoo@Ebay.Sun.COM>
Subject: Re: Why isn't Sun Inc. not running NIS+
To: patrick_farley@hotmail.com
More work to setup and a LOT more work to maintain. We handle security
in other ways so NIS+ wouldn't give us much of a benefit.
Janet

To: "Patrick Farley" <patrick_farley@hotmail.com>
Subject: Re: Why isn't Sun Inc. not running NIS+
Date: Tue, 4 Aug 1998 13:26:52 -0400
From: John DiMarco <jdd@cs.toronto.edu>
This question is probably better for comp.sys.sun.admin or
comp.unix.solaris rather than sun-managers. Anyways, NIS+ is large and
complex, and should only be used if the size ofthe user population and
the complexity of the environment requires it. Perhaps Sun doesn't have
e.g. a user population of many tens of thousands onany of their
systems.Regards,John

Date: Tue, 04 Aug 1998 14:32:49 -0700 (PDT)From: Rick Reineman
<e18a186@avlisim.llnl.gov>
Subject: Re: Why isn't Sun Inc. not running NIS+To: Patrick Farley
<patrick_farley@hotmail.com>Reply-to: Rick Reineman
<e18a186@avlisim.llnl.gov>

There is nothing technically wrong with NIS+. It is in fact superior to
a regular NIS environment, IN AN ALL SUN environment. When you start
mixing machines in a namespace you have to give up the security features
of NIS+, although you do keep the performance. I'm not aware of any
other platformsthat support NIS+, although it is rumored that IRIX and
HP-UX will soonsupport NIS+. The problem with NIS+ is it is complex.
Very complex compared to the old NIS. Hence the learning curve is
steeper and troubleshooting is more difficult. As for Sun not running
it, it is true. I used to work for Sun, the onlybuildings that used were
a few engineering areas who did software development. The issue probably
is the difficulty in converting an established environment. For a new
startup NIS+ wouldn't be much of an issue. Any senior level UNIXadmin
should be able to handle NIS+.I like NIS+, I learned it by reading a
book. I already knew NIS very well,that may have helped. What I think is
interesting is the rumors coming fromSun is NIS(+) is out, LDAP is in.
LDAP is suited well for what NIS(+) doesright now. Sun has a LDAP
product called Sun Directory Service, or somethinglike that. It's not
ready to replace NIS yet though.If you have a small to medium mixed
environment, and security is not criticalgo with NIS. If it's a large
environment, many subnets, security is aproblem, and it's mostly all
Suns, go with NIS+.Rick

Date: Tue, 04 Aug 1998 15:31:40 -0700
From: Louis Hoo <lhoo@fcicom.com>
To: Patrick Farley <patrick_farley@hotmail.com>
Subject: Re: Why isn't Sun Inc. not running NIS+
NIS+ would be way too much work to maintain. Sun has over
10,000employees, and their NIS maps are global across their WAN. And
fromwhat I heard, it takes a half hour for their maps to push out.I
personally wont run it b/c of all the problems with
maintainingcredentials. We are currently running NIS on our small
Solaris network,no plans to switch to NIS+

From: <KWhite@talisman-energy.com>
To: <patrick_farley@hotmail.com>
Subject: RE: Why isn't Sun Inc. not running NIS+
Date: Tue, 4 Aug 1998 18:04:16 -0600
I am interested in any replies you may get...We run both nis(yp) and
nis+...I don't like nis+...it's flaky...Kelvin

From: <KWhite@talisman-energy.com>
To: <patrick_farley@hotmail.com>
Subject: RE: Why isn't Sun Inc. not running NIS+
Date: Wed, 5 Aug 1998 11:26:51 -0600
I got the following comments from my SUN SE:"""It's only partially true.
The servers are running NIS+ - butthey are in NIS compatibility mode -
so the clientsrun NIS (not NIS+). Engineering may run clients inNIS+ -
but I don't know. NIS+ was/is a great idea (security, scalability, etc.)
-but it suffers from being overly complex. The future direction for
everyone is going to be LDAP.However LDAP isnt yet mature enough to to
replaceNIS/NIS+.If what you have today is working - I wouldn't touch it.
Therewill be enough changes coming down the road as it is :-)"""

______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:45 CDT