What Are Linux NIS and NIS+
NIS and NIS+ share as many differences as they share their similarities. These programs, commonly known as Network Information Service and Network Information Service Plus, deliver a simple network lookup and check of the processes and databases.
NIS is formally known as Sun Yellow Pages and provides information that the entire network should know. Notably, NIS and NIS+ provide the following information:
- Login passwords, names, or home directories (e.g. /etc/password)
- Group information (e.g. /etc/group)
- IP numbers and hostnames (e.g. /etc/hosts)
This article will explain how NIS and NIS+ work. The article also highlights the key differences and similarities between the two frameworks. Finally, you will learn when to go with NIS and when to consider using the NIS+.
NIS vs. NIS+ Comparison
NIS and NIS+ share more than their name—they share a common objective. However, they also have an array of differences. Notably, the Network Information Service Plus (NIS+) is an enhanced version of the original Network Information Service. It implies that it has new features and different terminology for the similar concepts.
The following table summarizes the difference between NIS and NIS+.
Comparison Table Between NIS and NIS+
| NIS | NIS+ |
|---|---|
| It features the flat domains and has no hierarchy. | It features the hierarchical domains and stores the data in different namespace levels. |
| It allows the use of similar machine names and user names. | The machine and user cannot share a name. Besides, you cannot have a dot (.) in either of the names. |
| All names and commands are pretty case-sensitive. | The commands and names are not case-sensitive. |
| Does not use any authentication. | Uses DES authentication. |
| Uses two-column tables to store data. | Uses multi-column tables to store data. |
| The client has only one choice of network information source. | The client has a range of network information sources to choose from including DNS, NIS, NIS+, or any local /etc. file. |
| Features a maximum size of 1024 bites, a limitation applying to all the NIS map files. | There are no size limitations. |
| Does not support the encrypted and secure RPC. | Supports the secure and encrypted RPC. |
| It uses RPC Version 2. | It uses RPC version 3. |
| Will often delay the updates for batch propagation. | It propagates incremental updates instantly. |
NIS and NIS+ Domain Structure
Notably, unlike most versions of the original protocols, NIS+ does not improve NIS. Instead, it works as its replacement. NIS aims to address the network administration requirements of the relatively small client-server requirements. Thus, it is more suitable for the environments with a few hundred clients, trusted users, and a few multipurpose servers.
But you will need the NIS+ for large, modern, and complex client-server network administrations. It comes with more autonomy. It conveniently handle the networks with up to 10,000 multivendor clients and up to 100 specialized servers located worldwide. The domain hierarchy is similar to that of DNS. However, it is more developed and is able to store the information about users, workstations, and network services.
NIS+ features interoperability characteristics that allow you to upgrade from NIS. It also allows the continued interaction with DNS as initially provided by NIS. The nispopulate command allows the NIS compatibility if you intend to move from NIS to NIS Plus.
An example file of NIS is as follows:
An example of an NIS+ file is as follows:
How NIS Works
You must have a single machine within your network that acts as an NIS server for NIS to work. However, you can still have multiple NIS servers, with each server serving a different NIS domain.
You can also utilize the cooperating servers where one machine acts as a master server while the rest are NIS slave servers. In such an arrangement, the slave servers only have NIS database copies and receive and implement the changes from the master server.
The main reason for having one or more slave servers in your systems is to maintain the uptime of your network throughout. Thus, the client machines can check through any fast or reliable slave servers whenever a master server is down or too slow.
How NIS+ Works
NIS+ works by supporting the authentication and data encryption—and it does this over a secure and reliable RPC. Thus, this is a better security tool than NIS.
The naming model here leverages a tree structure, with each node in the tree directly corresponding to a NIS+ object. Notably, the design has up to six trees including table, link, directory, group, entry, and private.
The root directory forms the basis of the NIS+ namespace. The two special directories include the groups_dir and the org_dir. The groups_dir is responsible for access control since it has NIS+ group objects. On the other hand, the org_dir contains the administration tables such as hosts, passwd, and mail_aliases.
Conclusion
That makes the end of our introduction to NIS and NIS+. Now, choosing between NIS and NIS+ is not a hard choice. Consider NIS+ if you have serious security needs within your networks. Although it is slightly easy to administer, it remarkably secure your systems. On the other hand, NIS is generally an administration protocol. It is pretty easy to minister but lacks the security measures.
Sources:
- https://docs.oracle.com/cd/E19455-01/806-2904/6jc3d07gd/index.html
- http://www.linuxgeek.net/documentation/authentication.phtml
- https://www.oreilly.com/library/view/linux-network-administrators/1565924002/ch13s02.html
- NIS and NIS+ Differences
- https://tldp.org/HOWTO/NIS-HOWTO/index.html
- Linux NIS / NIS+ Tutorial
Source: linuxhint.com