Managing NFS and NIS, 2nd Edition - Mike Eisler [52]
DNS integration with NIS
Hostnames are managed in a hierarchy. Each host manages its own name, so the hosts are the "leaf nodes" in this management tree. Hosts are grouped together into NIS or DNS domains, creating a two-level tree. DNS domains may be further grouped together by company, department, or physical location, adding more levels to the management hierarchy. NIS fits into the DNS management scheme at the lowest level in this hierarchy.
Within a single DNS domain, there may be many physical networks with several system administrators. NIS provides a system for the independent management of these small networks; NIS host map information can be combined to form the DNS host file. The approaches for doing this are described in Section 5.2 later in this chapter.
NIS and DNS domain names
If an Internet DNS is used in conjunction with NIS, it is helpful to tie the NIS domain names to the DNS domain name. Deriving NIS domain names from the DNS domain name links the two management schemes: the DNS-derived portion of the NIS domain name indicates where the NIS domain looks for its hostname information. Joining NIS and DNS domain names also makes sense if you have a single DNS domain that spans several physical locations. Each office will have its own networks, and its own NIS domains, so using the DNS domain name in the NIS domain name indicates how these locations fit into the "big picture."
For example, the Polygon Company uses the DNS domain name polygon.com. It has four NIS domains in its main office, which uses the polygon.com DNS domain name. The NIS domain names use the DNS domain name as a suffix:
bos-engin.polygon.com
philly-engin.polygon.com
finance.polygon.com
sales.polygon.com
If NIS is set up as the primary directory service, then Solaris versions of sendmail assume that an NIS domain name was derived from a DNS domain name, and they will strip the first component to derive the mail domain name. That is, if your NIS domain name is bos-engin.polygon.com, then sendmail uses polygon.com as your mail domain name by default. There may be many NIS domains in this DNS domain; sendmail strips off the leading component to form the DNS domain name.
However, if there are multiple NIS domains within the DNS domain — several sales offices in different cities, for example — then the NIS domain names should reflect the subdivision of the DNS domain, as shown in Table 5-1.
Table 5-1. Subdividing a DNS domain into NIS domains
NIS Domain                    DNS Domain
boston.sales.polygon.com      .sales.polygon.com
philly.sales.polygon.com      .sales.polygon.com
rahway.sales.polygon.com      .sales.polygon.com
waltham.engin.polygon.com     .engin.polygon.com
alameda.engin.polygon.com     .engin.polygon.com
Because the NIS domain name contains four dot-separated components, sendmail drops the first component and uses the remainder as a DNS domain name. This allows all of the sales offices to be treated as a single administrative unit for mail and hostname management, even though they require distinct NIS domains.
It is important to note that each single administrative unit, whether it is implemented with one NIS domain or multiple NIS domains, must share the same map entries. Thus, all the hosts listed in the hosts map of waltham.engin.polygon.com must be listed in the hosts map of alameda.engin.polygon.com. The converse must be true as well. Getting all hosts to agree on usernames, uid/gid values, and host addresses is a prerequisite for adding other distributed services such as the Network File System.
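One way to check this requirement, as an added example that is not from the book: the script groups NIS domains by the DNS domain obtained by dropping the first component, then reports passwd or hosts entries that are missing or differ between NIS domains in the same group. The function names, users and ids are constructed for illustration; real input is assumed to be saved output of ypcat -d <domain> passwd (or hosts) for each domain.

```python
from collections import defaultdict

def mail_domain(nis_domain):
    # Default derivation described in the text: drop the first component.
    return nis_domain.split(".", 1)[1]

def parse_passwd(dump):
    # name:passwd:uid:gid:gecos:home:shell -> {name: (uid, gid)}
    entries = {}
    for line in dump.splitlines():
        f = line.strip().split(":")
        if len(f) >= 4 and f[0] and f[0][0] not in "+-#":
            entries[f[0]] = (int(f[2]), int(f[3]))
    return entries

def parse_hosts(dump):
    # address name [alias ...] -> {name: address}; aliases are checked too
    entries = {}
    for line in dump.splitlines():
        f = line.split("#", 1)[0].split()
        for name in f[1:]:
            entries[name.lower()] = f[0]
    return entries

def inconsistencies(maps):
    # maps: {nis_domain: {key: value}}. Only NIS domains that share a derived
    # DNS domain form one administrative unit and are compared to each other.
    units = defaultdict(dict)
    for domain, entries in maps.items():
        units[mail_domain(domain)][domain] = entries
    report = []
    for unit, members in sorted(units.items()):
        for key in sorted(set().union(*members.values())):
            seen = {d: m.get(key) for d, m in members.items()}
            if len(set(seen.values())) > 1:  # missing somewhere, or values differ
                report.append((unit, key, seen))
    return report

# Constructed sample dumps; users and ids are made up for illustration.
PASSWD_DUMPS = {
    "waltham.engin.polygon.com": "alice:x:1001:10::/home/alice:/bin/sh\nbob:x:1002:10::/home/bob:/bin/sh\ncarol:x:1003:10::/home/carol:/bin/sh\n",
    "alameda.engin.polygon.com": "alice:x:1001:10::/home/alice:/bin/sh\nbob:x:2002:10::/home/bob:/bin/sh\n",
    "boston.sales.polygon.com": "bob:x:3001:20::/home/bob:/bin/sh\n",
}

if __name__ == "__main__":
    parsed = {d: parse_passwd(t) for d, t in PASSWD_DUMPS.items()}
    for unit, key, seen in inconsistencies(parsed):
        print(unit, key, seen)
```

The sales domain's bob entry is not flagged against the engin domains because the two belong to different administrative units; a uid that differs inside one unit is the case that matters before exporting filesystems over NFS.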
Domain aliases
Some systems impose a fairly small limit on