Managing NFS and NIS, 2nd Edition - Mike Eisler [53]
You could build a second NIS domain with a shorter name and duplicate the maps from the first domain, but this leaves you with twice the administrative work. An easier solution to this problem is to create a domain name alias for the longer name by making a symbolic link in the NIS server directory /var/yp on each server host:
master# cd /var/yp
master# ln -s nesales.East.Sun.COM nesales
NIS servers in the fully qualified domain respond to requests for service for the truncated domain name because they believe they have a set of maps for the specified domain. It is of no consequence that the "directory" is really a link to another domain's directory. This trick can also be used to force two distinct NIS domains to share exactly the same set of maps.
In a simple network, your domain names are likely to be short and easily managed. However, if you integrate DNS with NIS, and choose NIS domain names based on name service domains, you may end up with long, multicomponent names such as grad.history.princeton.edu. Using symbolic links to create aliases for long names may be necessary to make all of your NIS clients find NIS servers.
Implementation
There are four ways to integrate NIS with DNS, each of which is described in more detail in the following subsections.
Run NIS without DNS on client and server
This is the default for many systems, including Solaris. In this approach, the name services switch file, nsswitch.conf, is set up so that nis and files are the only directory services listed in the hosts entry of the nsswitch.conf file. The NIS server is configured (by default) to not use DNS to resolve hostnames not found in the hosts map.
Run NIS on client, enable DNS on NIS server
Use the NIS maps first, then go to DNS for hostnames that aren't managed by NIS. This is done using a special flag in the NIS hosts map.
NIS is forced to query DNS for hostnames not found in the hosts map if the map is built with the "Inter-Domain" key. The NIS-then-DNS algorithm is embedded in the implementation of ypserv. This means that individual NIS clients don't need to know about the DNS; only the NIS servers will be calling DNS for non-local hostnames.
In the NIS Makefile, add the -b flag to the makedbm script for the hosts.byname and hosts.byaddr maps, which will cause the YP_INTERDOMAIN key to be added to the hosts maps. In Solaris, this is done by changing the following lines in /var/yp/Makefile from:
#B=-b
B=
to:
B=-b
#B=
If a hostname is not found in the NIS map, the YP_INTERDOMAIN keyinstructs NIS to look up the name with the domain name server. Instead of immediately returning an error indicating that the hostname key was not found, ypserv asks the DNS server to look up the hostname. If DNS cannot find the name, then ypserv returns an error to the client. However, if the DNS server locates the hostname, it returns the IP address information to ypserv, and ypserv returns it to the client. Integration of NIS and DNS is completely invisible to the client in terms of calling interfaces: all of the work is done by ypserv on the NIS server.
NIS servers locate DNS servers through the resolver interface, which relies on information in the /etc/resolv.conf configuration file. The resolver configuration file should point to at least two DNS servers to provide redundancy in case one DNS server becomes unavailable:
nameserver 130.1.52.28
nameserver 130.1.1.15
The nameserver keyword is used to identify the IP address of a DNS server. The servers are listed by IP address, since hostnames are dependent on the very mechanism being configured by this file. Set up a resolv.conf file on every NIS server.
Run DNS on NIS clients and servers
In this approach, NIS clients and servers ignore NIS for hostnames and use only DNS.
Given that DNS is a full-service hostname management system, some network managers choose