Thanks to all for the suggestions and warnings.
I had a mail server crash right after I sent the message, so
I may have missed some responses.
Thanks to:
Tom Hinze <hinze@ties.k12.mn.us>
murat.balkas@o2.com.tr
Luke Kanies <luke.kanies@bluestar.net>
EG Keizer <keie@cs.vu.nl>
I believe I will try the following solution.
------------------------------------------------------------------------
Article 16402
Synopsis: How to Rebuild a NIS+ ROOTMASTER
------------------------------------------------------------------------
Distribution: Public Article type: Infodoc
Submitter: Nori Praveen Country: USA
Status: Issued
Hardware: any
OS: Solaris 2.x Bug ID:
Prd area: Gen. Network Patch ID:
Product: NIS+ Release:
Interest list: nori.praveen@corp network-east@network.east
Submitted: Feb 26 1998 3:28PM Total labor: 0 hrs 20 mins
Description
-----------
Sometimes you need to change the NIS+ ROOTMASTER. You might like to move
it
to a different machine, or change its IP address or domainname. However,
these
things are built into the NIS+ system and require rebuilding the
ROOTMASTER.
This Infodoc assumes that you already have a NIS+ ROOTMASTER (with or
without replicas), and you are able to dump the tables from the root
master/replica, and you need to rebuild the master, for various
reasons.
The sequence of the steps would be:
Dump the tables from the master.
Remove the NIS+ from the master
Make desired change. (change IP or domainname, or copy files to
the new master and continue the procedure from there)
Rebuild the NIS+ on the master
Reinitialize the clients.
Reinitialize the replicas.
NOTE: If you already have the information for the NIS+ tables in the
ASCII files, then step 1 is not needed, you only have to copy these
files to /var/nisfiles directory ( create it if not already present).
DUMP THE TABLES
----------------
1) Dump the tables
rootmaster# mkdir /var/nisfiles
rootmaster# cd /var/nisfiles
rootmaster# /usr/lib/nis/nisping -C groups_dir.`domainname`.
rootmaster# /usr/lib/nis/nisping -C org_dir.`domainname`.
oldt-master# /usr/lib/nis/nisping -C `domainname`.
rootmaster# nisaddent -d aliases > aliases
rootmaster# nisaddent -d bootparams > bootparams
rootmaster# nisaddent -d ethers > ethers
rootmaster# nisaddent -d group > group
rootmaster# nisaddent -d hosts > hosts
rootmaster# nisaddent -d netgroup > netgroup
rootmaster# nisaddent -d netid > netid
rootmaster# nisaddent -d netmasks > netmasks
rootmaster# nisaddent -d networks > networks
rootmaster# nisaddent -d passwd > passwd
rootmaster# nisaddent -d protocols > protocols
rootmaster# nisaddent -d publickey > publickey
rootmaster# nisaddent -d rpc > rpc
rootmaster# nisaddent -d services > services
rootmaster# nisaddent -d shadow > shadow
rootmaster# nisaddent -d timezone > timezone
rootmaster# nisaddent -d -t auto_home.org_dir key-value > auto_home
rootmaster# nisaddent -d -t auto_master.org_dir key-value > auto_master
REMOVE NIS+ FROM THE ROOTMASTER MACHINE:
---------------------------------------
2) Remove the traces of old NIS+ from the machine
rootmaster# cp /etc/nsswitch.files /etc/nsswitch.conf
rootmaster# /etc/init.d/rpc stop
rootmaster# rm -f /etc/.rootkey
rootmaster# rm -rf /var/nis/*
rootmaster# rm -rf /etc/defaultdomain
rootmaster# /etc/init.d/rpc start
(*** REBOOTING is preferred at this point if possible).
REBUILD THE MASTER :
---------------------
3) Build the new master
***[NOTE:** If you want to change NIS+ domainame you provide the new
domainame]
rootmaster# nisserver -v -r -d <domainame.with.trailing.dot>
4) Remove the lines related to the master from /var/nisfiles/publickey file
5) Add the master's present publickey to the /var/nisfiles/publickey
rootmaster# nisaddent -d publickey >> /var/nisfiles/publickey
***[NOTE: If you want to change the ip address of the
master/replica/clients
make changes to the /var/nisfiles/hosts file]
6) Populate the tables on the new master.
rootmaster# cd /var/nisfiles
rootmaster# nispopulate -v -F
7) Add the old publickeys to the database.
rootmaster# nisaddent -rv -f /var/nisfiles/publickey publickey
8) Update the database
rootmaster# nisping -C org_dir
rootmaster# nisping -C groups_dir
rootmaster# nisping -C
REINITIALIZE THE CLIENTS TO TALK TO THE MASTER:
-------------------------------------
***[NOTE: If the client's IP address or the NIS+ domainname needs to be
changed, make changes to respective /etc files ]
9) Copy the /var/nis/NIS_COLD_START from the master into the client's
/var/tmp and reinitialize the client.
client# rcp master:/var/nis/NIS_COLD_START /var/tmp
client# nisinit -C /var/tmp/NIS_COLD_START
clinet# /etc/init.d/rpc stop
client# rm /var/nis/*CACHE
client# /etc/init.d/rpc start
REINITIALIZE THE REPLICAS:
---------------------------
***[NOTE: If the replica's IP address or the NIS+ domainname needs to be
changed, make changes to respecitve /etc files]
10) Remove NIS+ from the old replicas (step 2 ) and reinitialize as
clients of the master. You may make it a replica again if desired.
Note: Use the previous NIS+ passwd when requested for NIS+
passwd (RPC/network passwd) in the nisclient command
---------------------
My original question:
---------------------
> Admins:
>
> I have to change the ip address for an NIS+ master and 3 replicas.
>
> All servers are running Solaris 2.5.1
>
> Different sources vary widely on how to perform this procedure.
>
> In one Answerbook collection, it seems ver simple. Just run a few
> "nisupdkeys" commands and you're finished.
>
> Example (from Answerbook): Can it be this easy?
> -----------------------------------------------
> Updating IP Addresses
>
> If you change a server's IP address, or add additional addresses,
> you need to run nisupdkeys to update NIS+ address information.
>
> To update the IP addresses of one or more servers, use the
> nisupdkeys command -a option.
>
> To update the IP addresses of servers of a given domain
>
> rootmaster# nisupdkeys -a domain
>
> To update the IP address of a particular server
>
> rootmaster# nisupdkeys -a -H server
> -----------------------------------------------
>
> In one online document located here, it's a hairy looking
> 2 page procedure.
>
> http://sunsolve.Sun.COM/private-cgi/\
> retrieve.pl?doc=srdb%2F11728&zone_32=11728
>
> And in this list's archives, there are numerous ways to do it.
>
> My question to this group is what's the best way to make this change?
> Are there any online documents that are better than others for it?
> Which procedure really is tested and works?
>
> Thanks,
>
> Jeff
>
> Jeffrey P. Miller
> Systems Administrator
> Eastman Kodak Company
> jeffrey.p.miller@kodak.com
> Phone: (716) 726-0208
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:14:24 CDT