HPE Community
Operating System - HP-UX
1835451 Members
2922 Online
110078 Solutions
New Discussion

NIS Scripts

 
SOLVED
Go to solution
generic_1
Respected Contributor

‎06-25-2004 05:51 AM

‎06-25-2004 05:51 AM

NIS Scripts

I have a massive NIS deployment to deal with and if anyone else has been through the same and has some good scripts to help manage a huge NIS environment and keep it healthy I would appreciate it very much. Thanks.
0 Kudos
Reply
6 REPLIES 6
KapilRaj
Honored Contributor

‎06-25-2004 06:47 AM

‎06-25-2004 06:47 AM

Re: NIS Scripts

I can't cut + paste our script here but i can give u some hints here ...

We have decided not to create user (modify passwd / group files) manually. But thru a script to have a locking mechanism to prevent two sysadmin's editing these files at the same time.

We do a yppush every 1 Hour to the slaves by a scheduler.. and this script also checks the lock.

The script takes care of taking backups of all the important file every time it is invoked. and we housekeep the backup ditrectory after 30 days ..

Kaps
Nothing is impossible
Reply
A. Clay Stephenson
Acclaimed Contributor

‎06-25-2004 08:17 AM

‎06-25-2004 08:17 AM

Solution

Re: NIS Scripts

I would be very reluctant to do a massive NIS deployment now because NIS for all practical purposes is obsolete. It simply can't co-exist with shadowed passwords or Trusted systems. NIS+ is a better choice but it too is not long for this earth. You really ought to rethink the issue and strongly consider LDAP.

That having been said, your first task is to make sure that UID's and GID's are consistant across all machines. I'm sure you can handle the remsh to grab /etv/passwd and the extract the logins, UID's, and GID's from
all the boxes and look for mismatches.

Your next task is to change the ownership/group of all bad files on a given box.

I'll give you those scripts that I whipped up for someone fairly recently.

The first one is find.pl

It does a recursive descent and for each file found it writes a line of output
UIDGIDpathnamefiletype

filetype is a 2-digit octal value; it's main purpose is to identify the symlinks since we can leave those alone -- ownership doesn't matter in that case. If you are really concerned about symlink ownership, search the forums for lchmod.c -- I wrote a C program to do this.

Use it like this:
find.pl -s ./ > /var/tmp/filelist

Invoke as find.pl -u for full usage.
If it ain't broke, I can fix that.
Reply
A. Clay Stephenson
Acclaimed Contributor

‎06-25-2004 08:28 AM

‎06-25-2004 08:28 AM

Re: NIS Scripts

The next piece of the puzzle is fixuid.pl.

Create a text file with the following format:
OLD_UID NEW_UID

1 line for each uid you want translated.

Exactly the same format is used for a second file to translate GID's.

It reads the file generated by find.pl as stdin and looks at the translation table and does a chown to update UID/GID as needed.

A typical usage is:
fixuid.pl -U my_uid_table -G my_gid_table -e 100 < /var/tmp/filelist

Invoke as fixuid.pl -u for full usage.

If it ain't broke, I can fix that.
Reply
generic_1
Respected Contributor

‎06-25-2004 08:36 AM

‎06-25-2004 08:36 AM

Re: NIS Scripts

This information is very useful, perhaps long term LDAP could be a posibility any aditional information on LDAP managemnt would be welcome as well, but in the meanwhile its going to be NIS, because the environment already exists. Thank you very much for your help Clay.
0 Kudos
Reply
generic_1
Respected Contributor

‎06-27-2004 04:25 PM

‎06-27-2004 04:25 PM

Re: NIS Scripts

Has anyone else written some useful scripts to help manage huge NIS environments. Any input would be appreciated. Thanks again for your input Clay.
0 Kudos
Reply
generic_1
Respected Contributor

‎06-29-2004 02:40 AM

‎06-29-2004 02:40 AM

Re: NIS Scripts

Does anyone have any other NIS scripts or knowledge they would like to share?
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.