SUMMARY: changing IP address in a NIS+ environment

From: Marc S. Gibian (gibian@stars1.hanscom.af.mil)
Date: Tue Oct 22 1996 - 11:02:01 CDT


I asked how one changes the IP address on an NIS+ client and an NIS+ server.

The client solution is very simple... just update the local /etc/hosts (and the
appropriate name service file(s) such as the NIS+ hosts table, DNS, etc), and do
a reboot (some say a reconfigure reboot).

The server is a much more difficult problem as NIS+ uses the server's IP address
as part of its authentication mechanism. This would be fine if there were some
built-in facility for changing the IP address, but alas, there is not. So, there
is no good way to do this. A number of people suggested SunSolve Document
srdb/11728, but that does not seem to really address my situation. Others
provided another Sun document describing how to dump the NIS+ tables to files
and then restore them after changing to the new IP address. I am using this
second approach, though I am not real pleased as I am loosing the validity of
users' NIS+ credentials. While this is cleared up with a nisclient -u or chpass
-p in each username, this is not a pleasant solution. I should add that I got at
least one "it can't be done" for NIS+ servers.

I would like to add a better description of what I am doing... I have an target
customer platform configuration that consists of one or more workstations with
MY customer's software running on them in a cooperative manner. Many such
workstation groups exist, all independent of each other, though able to
communicate with each other if necessary.

A given workstation group has a single NIS+ domain with a single NIS+ server,
the root master. There is no need for additional servers as the number of
workstations in a single group is quite limited (unless there were a scriptable
way to convert, for instance, a root replica into the root master for the group
should the root master fail, but I see no way to do that after lots of
investigation). Single workstation groups, where the NIS+ root master is the
only machine, will be common. BUT, NIS+ is required so it is very simple to add
other members to the workstation group (and NIS+ is required in and of itself)

It will be very common for a a workstation group to be installed and checked out
on one LAN, then moved to another LAN for production work. The primary activity
(outside of the application itself) in making such a move is to change the IP
address, and since the average workstation group is < 1.5 machines, this means
lots of IP address changes for the NIS+ root master!

My current solution is a script that gets run twice, first to dump NIS+ tables,
change the IP address and reboot, the second time after the reboot to reload the
NIS+ tables. Other than the loss of authentication, repaired with the nisclient
-u/chkey -p command, this seems to be working.

A thank you to the following individuals:
Asim Zuberi <asim@psa.pencom.com>
Rasana Atreya <Rasana.Atreya@library.ucsf.edu>
Kevin Woods <kev@cnet.com>
brian davies <daviesb-cos3@kaman.com>
billk@LANcomp.COM (Bill Krauss)
twhite@bear.com (Thomas White)
"Hall, Steven" <SHall@nentmne1.telstra.com.au>
Ann Rautenbach 3267 Systems_Administrator <annr@ref.collins.co.uk>
Justin Young <justiny@cluster.engr.subr.edu>

Marc S. Gibian
Telos Consulting Services phone: (617) 377-6350
PRISM/TFS email: gibian@stars1.hanscom.af.mil

attached mail follows:


I am putting together a set of reconfiguration procedures for a Solaris 2.5/NIS+
environment. One of the tasks that I need to perform is changing the IP address
of both my NIS+ root master and NIS+ clients.

For the non-NIS+ part of the task, I have been leaning toward using
sys-unconfig, though that covers many other aspects of system identity that I'd
prefer to avoid if possible (without much effort as I have practically no time
to put this together). Then I ran into the NIS+ complications. Apparently NIS+
servers need to get totally rebuilt when changing the IP address of the server.

Does anyone have procedures and/or scripts/tools to change the IP address on an
NIS+ server and a NIS+ client without loosing any NIS+ data?

Marc S. Gibian
Telos Consulting Services phone: (617) 377-6350
PRISM/TFS email: gibian@stars1.hanscom.af.mil



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:13 CDT