Installing and configuring the AIX NIS client components
You can find the vasyp.bff file in the client directory for your AIX operating system on the installation media.
To install and configure vasyp on AIX
- Ensure that the system ypserv and ypbind daemons are stopped by running the following commands as root:
# stopsrc -s ypbind
# stopsrc -s ypserv
Also ensure that all entries dealing with ypserv and ypbind in /etc/rc.nfs are commented out.
Note: You do not need to do this if the machine is not configured as a NIS server.
- As root, mount the Safeguard Authentication Services installation CD and change to the aix directory.
- Use installp to install the package appropriate for your version of AIX, as follows:
# installp -ac -d vasyp_AIX_<platform>.<version>.bff all
- On AIX 7.1 (and later), create a ypservers file in /var/yp/binding/<NIS_DOMAIN>/ypservers which only contains the following line:
127.0.0.1
- Start vasyp with the following command:
# /etc/rc.d/init.d/vasypd start
Note: Do not configure the NIS client using the standard AIX configuration instructions. Normally, you configure the system domain name and enable the NIS client in /etc/rc.nfs. For vasyp to work correctly on AIX, you must disable any NIS configuration in the /etc/rc.nfs file.
You can now use the NIS utilities like ypwhich and ypcat to query vasyp for NIS map data.
NIS map search locations
By default, the vasyp daemon only searches the Active Directory container, or organizational unit (OU) in which the Unix computer object was created. You can override this search location by configuring the search-base option in vas.conf. This allows you to have different sets of NIS maps for different groups of Unix hosts.
For more information on the search-base option, refer to the vasypd section of the vas.conf man page.
Deploying in a NIS environment
These are the components associated with using Safeguard Authentication Services in a NIS environment:
- RFC 2307 NIS Map Import Wizard
The RFC 2307 Map Import Wizard imports NIS data into Active Directory as RFC 2307 objects either from a NIS server or from a local file. This wizard can also save an import session as an LDIF file that you can import using standard LDAP tools.
- RFC 2307 NIS Map Editor
The RFC 2307 NIS Map Editor is the standard Windows tool for modifying RFC 2307 NIS data that has been imported into Active Directory using the import wizard.
- nisedit
nisedit is the NIS Map Command Line Administration Utility you run from the host.
- vasyp
vasyp runs on a Safeguard Authentication Services Unix host machine joined to an Active Directory domain. It interprets RFC 2307 objects from Active Directory as standard NIS maps on Unix.
Starting the NIS Map Import Wizard
Using the RFC 2307 NIS Map Import Wizard, you can import directly from local files or from an existing NIS server.
To start the NIS Map Import Wizard
- From Windows, start Active Directory Users and Computers.
By default, NIS Map Objects are only available to Safeguard Authentication Services clients in the same organizational unit to which they are joined.
If the client is joined in Unix Personality Mode then only the NIS maps residing in the personality containers NIS OU are accessible.
- Right-click on the Computers container in the ADUC or, if in UPM mode, the NIS OU inside the promoted personality OU in ADUC.
- Select All Tasks | Unix Tasks | RFC 2307 NIS Map Import Wizard to launch the wizard.
- Click Next in the Welcome dialog.
- In the Source Selection dialog, select the option to Import NIS Data from Local file or Import NIS Data from the NIS Server.
