unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (HP-UX-11.11)
Page:
Section:
Apropos / Subsearch:
optional field



 nisupdkeys(1M)						      nisupdkeys(1M)




 NAME
      nisupdkeys - update the public keys in a NIS+ directory object

 SYNOPSIS
      /usr/lib/nis/nisupdkeys [ -a | -C ] [ -H host ] [ directory ]

      /usr/lib/nis/nisupdkeys -s [ -a | -C ] -H host

 DESCRIPTION
      This command updates the public keys in an NIS+ directory object.
      When the public key for a NIS+ server is changed, the new key must be
      propagated to all directory objects that reference that server.

      nisupdkeys reads a directory object and attempts to get the public key
      for each server of that directory.  These keys are placed in the
      directory object and the object is then modified to reflect the new
      keys.

      If directory is present, the directory object for that directory is
      updated.	Otherwise the directory object for the default domain is
      updated.

      On the other hand, nisupdkeys -s gets a list of all the directories
      served by host and updates those directory objects.  This assumes that
      the caller has adequate permission to change all the associated
      directory objects.  The list of directories being served by a given
      server can also be obtained by nisstat(1M).

      Before you do this operation, make sure that the new address/public
      key has been propagated to all replicas.

    Options
      -a	  Update the universal addresses of the NIS+ servers in the
		  directory object.  Currently, this only works for the
		  TCP/IP family of transports.	This option should be used
		  when the IP address of the server is changed.	 The
		  server's new address is resolved using gethostbyname() on
		  this machine.	 The /etc/nsswitch.conf file must point to
		  the correct source for the hosts entry for this resolution
		  to work.

      -C	  Specify to clear rather than set the public key.
		  Communication with a server that has no public key does
		  not require the use of secure RPC.

      -H host	  Limit key changes only to the server named host.  If the
		  hostname is not a fully qualified NIS+ name, then it is
		  assumed to be a host in the default domain.  If the named
		  host does not serve the directory, no action is taken.





 Hewlett-Packard Company	    - 1 -   HP-UX Release 11i: November 2000






 nisupdkeys(1M)						      nisupdkeys(1M)




      -s	  Update all the NIS+ directory objects served by the
		  specified server.  This assumes that the caller has
		  adequate access rights to change all the associated
		  directory objects.  If the NIS+ principal making this call
		  does not have adequate permissions to update the directory
		  objects, those particular updates will fail and the caller
		  will be notified.  If the rpc.nisd on host cannot return
		  the list of servers it serves, the command will print an
		  error message.  The caller would then have to invoke
		  nisupdkeys multiple times (as in the first SYNOPSIS), once
		  per NIS+ directory that it serves.

 EXAMPLES
      The following example updates the keys for servers of the foo.bar.
      domain.

	   nisupdkeys foo.bar.

      This example updates the key for host fred which serves the foo.bar.
      domain.

	   nisupdkeys -H fred foo.bar.

      This example clears the public key for host wilma in the foo.bar.
      directory.

	   nisupdkeys -CH wilma foo.bar.

      This example updates the public key in all directory objects that are
      served by the host wilma.

	   nisupdkeys -s -H wilma

 AUTHOR
      nisupdkeys was developed by Sun Microsystems, Inc.

 SEE ALSO
      chkey(1), niscat(1), nisaddcred(1M), gethostent(3N), nis_objects(3N).

 NOTES
      The user executing this command must have modify access to the
      directory object for it to succeed. The existing directory object can
      be displayed with the niscat(1) command using the -o option.

      This command does not update the directory objects stored in the
      NIS_COLD_START file on the NIS+ clients.

      If a server is also the root master server, then nisupdkeys -s cannot
      be used to update the root directory.





 Hewlett-Packard Company	    - 2 -   HP-UX Release 11i: November 2000