NIS+ root master server move has just failed.

From: LOEWENTHAL Simon (sloewenthal@gemini.edu)
Date: Sat May 21 2005 - 12:44:23 EDT

   Dear anyone who is working on a Saturday.

I have just built our new NIS+ root master following Sun's SunSolve
document
http://sunsolve8.sun.com/search/document.do?assetkey=1-9-16166-1 (the
actual doc is cut and pasted below)

After it was built I could reinitalise a client to the new root master.
As a test before I reinitalised all our other clients, I rebooted the
root master to make sure that it came up OK. It didn't, and when as it
came up it gave out these error messages;

The server's name is nissrv.

/[snip]/
Use is subject to license terms.
configuring IPv4 interfaces: eri0.
Hostname: nissrv
The system is coming up. Please wait.
checking ufs filesystems
/dev/rdsk/c1t0d0s4: is logging.
starting rpc services: rpcbind nis_cachemgr rpc.nisd done.
Setting netmask of eri0 to 255.255.255.0
Setting default IPv4 interface for multicast: add net 224.0/4: gateway
sbfldap
syslog service starting.
passwd.org_dir: Not found.
May 21 12:34:01 nissrv nisd[139]: authdes_seccreate: keyserv(1m) is
unable to generate session key
May 21 12:34:01 nissrv rpc.nispasswdd[141]: Local NIS+ server is not a
master server
May 21 12:34:01 nissrv rpc.nispasswdd[141]: ... exiting ...
Starting Sun(TM) Web Console Version 2.1...
See /var/log/webconsole/console_debug_log for server logging information
Usage: /etc/rc2.d/S69inet { start | stop }
Starting SHAPE client...
Sending output to nohup.out
volume management starting.
The system is ready.

This is the same machine that I used to test this procedure before I did
it live, and I don't remember having this problem then, although my
experience with NIS+ has never been a favourable one...

Have anyone got a clue what might be causing this?

Regards, S.
---------------------

This tip sheet assumes that you already have a NIS+ setup configured and
presently want to make another machine ( probably new) the root master for
various reasons.

The sequence of the steps would be :
 
1) Dump the tables from the old master
2) making the new machine the root master for the domain
3) gradually moving the existing clients towards the new root master
   ( including the existing replicas),
4) recreating required replicas,
5) De-comission the old master(which can later be made a client/replica to
   the new master if needed)

SETTING UP THE NEW MACHINE AS THE ROOT-MASTER:
----------------------------------------------

1) Dump the nis+ datbase from the old master
  
  old-master# mkdir /var/nisfiles
  old-master# cd /var/nisfiles
  
  old-master# /usr/lib/nis/nisping -C groups_dir.`domainname`.
  old-master# /usr/lib/nis/nisping -C org_dir.`domainname`.
  old-master# /usr/lib/nis/nisping -C `domainname`.
  
  old-master# /usr/lib/nis/nisaddent -d aliases > aliases
  old-master# /usr/lib/nis/nisaddent -d bootparams > bootparams
  old-master# /usr/lib/nis/nisaddent -d ethers > ethers
  old-master# /usr/lib/nis/nisaddent -d group > group
  old-master# /usr/lib/nis/nisaddent -d hosts > hosts
  old-master# /usr/lib/nis/nisaddent -d netgroup > netgroup
  old-master# /usr/lib/nis/nisaddent -d netid > netid
  old-master# /usr/lib/nis/nisaddent -d netmasks > netmasks
  old-master# /usr/lib/nis/nisaddent -d networks > networks
  old-master# /usr/lib/nis/nisaddent -d passwd > passwd
  old-master# /usr/lib/nis/nisaddent -d protocols > protocols
  old-master# /usr/lib/nis/nisaddent -d publickey > publickey
  old-master# /usr/lib/nis/nisaddent -d rpc > rpc
  old-master# /usr/lib/nis/nisaddent -d services > services
  old-master# /usr/lib/nis/nisaddent -d shadow > shadow
  old-master# /usr/lib/nis/nisaddent -d timezone > timezone
  old-master# /usr/lib/nis/nisaddent -d -t auto_home.org_dir key-value >
auto_home
  old-master# /usr/lib/nis/nisaddent -d -t auto_master.org_dir key-value >
auto_master
  
2) Make a "/var/nisfiles" directory on the new master and copy all the files
   under /var/nisfiles on the old master to /var/nisfiles on the new master.
  
   new-master#rcp oldmaster:/var/nisfiles/* /var/nisfiles

  (rcp requires the presents of a .rhosts file or a host.equiv file on the
   remote machine so the user is not prompted for a password.)

***NOTE: If the same IP and the name are being used for the old-master and
   the new-master machine, the files need to be copied to a third machine,
   the old-master must be removed from the network, and the new master
   configured properly, so that it assumes the same name and IP address of the
   old-master
 
3) Build the new master

***NOTE: If the new-master is already an NIS+ machine (replica/client)
   belonging to the old domain, NIS+ has to be removed from the machine

  new-master# cp /etc/nsswitch.files /etc/nsswitch.conf
  new-master# kill <PID_of_rpc.nisd>
  new-master# kill <PID_of_rpc.nispasswdd>
  new-master# kill <PID_of_nis_cachemgr>
  new-master# rm -f /etc/.rootkey
  new-master# rm -rf /var/nis/*
  new-master# rm -rf /etc/defaultdomain

   *** REBOOT at this point).
  ]

  new-master# /usr/lib/nis/nisserver -v -r -d <domainame.with.railing.dot>
  
4) Remove the lines related to the new-master from /var/nisfiles/publickey

   e.g.: unix.new-master@domain
  
5) Add the new-master's present publickey to the /var/nisfiles/publickey
  
   new-master# /usr/lib/nis/nisaddent -d publickey >> /var/nisfiles/publickey
   
6) Populate the tables on the new master.
  
   new-master# cd /var/nisfiles
   new-master# nispopulate -v -F
  
7) Update the database with the original publikeys.
  
   new-master# nisaddent -rv -f /var/nisfiles/publickey publickey
     
8) Checkpoint the database
   
   new-master# /usr/lib/nis/nisping -C org_dir
   new-master# /usr/lib/nis/nisping -C groups_dir
   new-master# /usr/lib/nis/nisping -C
  
MOVING THE CLIENTS TO THE NEW MASTER:
-------------------------------------

9) Copy the /var/nis/NIS_COLD_START from the master on to the client's
   /var/tmp and reinitialise the client.
  
   client# rcp new-master:/var/nis/NIS_COLD_START /var/tmp
   client# nisinit -c -C /var/tmp/NIS_COLD_START
   client# kill <PID_of_nis_cachemgr>
   client# rm /var/nis/.NIS_PRIVATE_DIRCACHE /var/nis/NIS_SHARED_DIRCACHE
   client# /usr/sbin/nis_cachemgr

REINITIALISE THE REPLICAS:
---------------------------
  
10) Remove nis+ from the old replicas (PSD section 3.17) and reinitialize as
    clients( PSD section 3.2 (and then as replicas for the new master if
needed).
    (PSD section 3.3)

REMOVE THE NIS+ FROM THE OLD MASTER AND REINITAILIZE AS CLIENT:
--------------------------------------------------------------
  
11) Remove the nis+ from the old master and initialize as a client to the new
    master (PSD section 3.17 and PSD section 3.2).

[demime 1.01b removed an attachment of type application/x-pkcs7-signature which had a name of smime.p7s]
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:30:44 EDT