Articles in this section

Connecting to NIS

Sara Levy
  • Updated
Follow

Network Information Service (NIS) is supported as an authorization provider for NFS exports.

When NIS is configured, for views that are exposed to NFS and have the Group Membership Source setting in the view policy set to Providers or Client and Providers:

  • NIS is used to authorize user access to file and directories.

  • NIS netgroups can be used to authorize NFS client hosts' access to files and directories.

See the following topics for details:

Configuring NIS via VAST Web UI

  1. From the left navigation menu, select User Management and then NIS.

  2. Click Create NIS to add a new NIS configuration.

    Note

    Only one NIS configuration is allowed at a time.

  3. In the Add NIS dialog, complete the fields:

    Field

    Description

    Domain name

    The NIS domain name shared by all the NIS servers and clients on your network.

    Example: NIS.companyname.com

    Servers

    Include every NIS master and slave server. You can specify up to ten servers.

    You can specify each server by its IP or host name, up to 48 characters. Either type them as a comma-separated list.

    Example: NISmaster.companyname.com,192.0.2.200,NISslave2.companyname.com

  4. Click Create.

    The NIS configuration is now displayed in the NIS tab.

 

Configuring NIS via VAST CLI

To manage NIS via the CLI, use the following commands.

Tip

For full CLI command syntax, including VAST arguments, enter the command at the CLI prompt in the <command> <subcommand> format provided in the table, followed by ?.

Task

Command

View NIS configuration

nis show, nis list

Create NIS configuration

nis create

Modify NIS configuration

nis modify

Delete NIS configuration

nis delete

Refresh NIS users and cache

nis refresh
 

Refreshing the NIS Cache

The NIS client looks up the NIS user and netgroup maps every 30 minutes and caches them. A refresh clears the cache and performs the lookup again.

If you are using NIS to check user group permissions in order to authorize file access, the cached user entries are used. To avoid unwanted access denials, it's good practice to refresh the cache immediately after you update any user's group memberships on NIS.

The user cache is limited to 20,480 users.

If you are using NIS netgroups to determine which hosts are allowed to access NFS exports, refreshing the cache can help avoid delays when granting access. If a host requests to access an export and is not found in the netgroups that are listed in the view policy, VAST Cluster fetches the netgroup map again. Therefore, a host that was recently added to a netgroup without a cache refresh would be granted access after a short delay. To avoid those delays, refresh the NIS cache immediately after updating the netgroup map.

The netgroup cache is limited to 10,000 entries. If the number of netgroups on the NIS server exceeds the limit, the least recently used netgroups are skipped each time the netgroups are fetched.

To refresh the NIS cache:

  1. From the left navigation menu, select User Management and then NIS.

  2. Click ActionsButtonGUI2.png to open the Actions menu for the NIS configuration record and select Refresh.

    A loading icon appears while the cache is refreshing. When finished, the page returns to normal and a message is displayed.

 

Using NIS Netgroups to Authorize Hosts

See Using Netgroups to Authorize Hosts.

 
 

Related articles

Comments

0 comments

Article is closed for comments.