DirXML Driver for NIS Architecture
In mixed networks, eDirectory communicates with a variety of data stores spread across complex and heterogeneous computer systems in order to maintain network-wide information. On UNIX systems, such information is maintained in three different types of data stores: Files, NIS(YP), and NIS+.
The DirXML Driver for NIS is used to synchronize information between these data stores and eDirectory. It uses DirXML 1.1a to communicate with eDirectory.
The three main data stores that maintain user and group account information in UNIX systems are briefly described below.
The Files data store uses local files on a machine to store information. These files are modified by different utilities to add, modify, and delete information. Information related to user accounts and groups is stored in the /etc/passwd and /etc/group files respectively, in ASCII format.
Local files are inadequate to store information pertaining to a large number of clients in client/server networks. NIS(YP), a data storage mechanism designed to meet this need, uses a central NIS(YP) server to store domain-level information that client machines can access. NIS(YP) maintains user account and group account information in data stores called maps. Information is stored in DBM format in maps files.
NIS(YP) was designed for use in client/server networks that had a few hundred clients and a few multi-purpose servers. It proved to be inadequate in larger networks that hosted many specialized servers. NIS+ was designed to replace NIS(YP).
NIS+ stores network-wide information in a distributed, hierarchical domain structure and provides additional security to service clients across untrusted public networks. Information related to user accounts and groups is stored in the passwd and group tables in a relational database format. NIS+ uses a transaction log to send updates, which can be viewed using the nislog command.
The DirXML Driver for NIS synchronizes information between NIS data stores and eDirectory so there is a one-to-one correspondence between user or group account information as stored in eDirectory and in NIS.
The following illustration describes the architecture of the DirXML Driver for NIS.
Figure 1
DirXML Driver for NIS Architecture
The DirXML Driver for NIS communicates with two main modules, the DirXML engine and the external NIS database. The driver is represented through objects in eDirectory. The eDirectory object that represents the driver stores the driver's configuration and rule values. You can access and configure the driver using the DirXML snap-in in ConsoleOne® or iManager.
The DirXML driver for NIS provides:
The NIS driver interfaces with the NIS databases on both the Subscriber and Publisher channels.
The Subscriber channel receives eDirectory events related to addition, modification, deletion, and renaming of user and group objects and updates the NIS databases to reflect the changes.
Figure 2
Subscriber Channel
The following table lists the Subscriber events that are supported by the driver, and the action taken upon receiving the event:
NOTE: An error is generated if a UNIX profile of a user or group is deleted.
The Publisher channel polls the NIS databases for changes in user and group information and updates the eDirectory.
Figure 3
Publisher Channel
The following table lists the Publisher events that are supported by the driver, and the action taken upon receiving the event:
IMPORTANT: Renaming a user or group is not supported in Files and NIS(YP).