Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
nistbladm(1)			 User Commands			  nistbladm(1)

       nistbladm - NIS+	table administration command

       nistbladm -a | -A [-D defaults] colname = value... tablename

       nistbladm -a | -A [-D defaults] indexedname

       nistbladm  -c [-D defaults] [-p path] [-s sep] type colname = [flags] [
       , access...] tablename

       nistbladm -d tablename

       nistbladm -e | -E  colname = value... indexedname

       nistbladm -m colname = value... indexedname

       nistbladm -r | -R [ colname = value...] tablename

       nistbladm -r | -R  indexedname

       nistbladm -u [-p	path] [-s sep] [-t type] [ colname = access...]	table-

       The  nistbladm  command	is  used to administer	NIS+ tables. There are
       five primary operations that it performs: creating and deleting tables,
       adding  entries to, modifying entries within, and removing entries from

       Though NIS+ does	not place restrictions on the size of  tables  or  en-
       tries,  the  size of data has an	impact on the performance and the disk
       space requirements of the NIS+ server. NIS+ is not  designed  to	 store
       huge  pieces  of	data, such as files; instead, pointers to files	should
       be stored in NIS+.

       NIS+ design is optimized	to support 10,000 objects with a total size of
       10M  bytes.  If the requirements	exceed the above, it is	suggested that
       the domain hierarchy be created,	or the data stored in  the  tables  be
       pointers	to the actual data, instead of the data	itself.

       When  creating tables, a	table type, type, and a	list of	column defini-
       tions must be provided.

       type is a string	that is	stored in the table and	later used by the ser-
       vice to verify that entries being added to it are of the	correct	type.

       Syntax for column definitions is:


       flags is	a combination of:

       S	Searchable.  Specifies	that  searches can be done on the col-
		umn's values (see nismatch(1)).

       I	Case-insensitive (only makes sense  in	combination  with  S).
		Specifies that searches	should ignore case.

       C	Crypt. Specifies that the column's values should be encrypted.

       B	Binary	data  (does  not make sense in combination with	S). If
		not set, the column's values are expected to  be  null	termi-
		nated ASCII strings.

       X	XDR encoded data (only makes sense in combination with B).

       access  is  specified  in the format as defined by the nischmod(1) com-

       When manipulating entries, this command takes two forms of entry	 name.
       The  first  uses	 a series of space separated  colname=value pairs that
       specify column values in	the entry. The second is a NIS+	indexed	 name,
       indexedname, of the form:

       [ colname=value,	... ],tablename

       The following options are supported:

       -a | A	       Adds  entries  to  a NIS+ table.	The difference between
		       the lowercase `a' and  the  uppercase  `A'  is  in  the
		       treatment  of preexisting entries. The entry's contents
		       are specified by	the  column=value pairs	on the command
		       line.  Values  for  all	columns	must be	specified when
		       adding entries to a table.

		       Normally, NIS+ reports an error if an attempt  is  made
		       to  add an entry	to a table that	would overwrite	an en-
		       try that	already	exists.	This prevents multiple parties
		       from  adding  duplicate	entries	and having one of them
		       get overwritten.	If you wish to force the add, the  up-
		       percase	`A'  specifies	that the entry is to be	added,
		       even if it already exists. This is analogous to a  mod-
		       ify  operation on the entry.

       -c	       Creates	a  table named tablename in the	namespace. The
		       table that is created must have at least	one column and
		       at least	one column must	be searchable.

       -d tablename    Destroys	 the  table named tablename. The table that is
		       being destroyed must be empty. The table's contents can
		       be deleted with the -R option below.

       -e|E	       Edits  the  entry in the	table that is specified	by in-
		       dexdname. indexdname must uniquely  identify  a	single
		       entry.  It  is  possible	 to edit the value in a	column
		       that would change the indexed name of an	entry.

		       The change (colname=value) may affect other entries  in
		       the  table  if the change results in an entry whose in-
		       dexed name is  different	 from  indexedname  and	 which
		       matches	that  of another existing entry. In this case,
		       the -e option will fail and an error will be  reported.
		       The  -E option will force the replacement of the	exist-
		       ing entry by the	new entry  (effectively	 removing  two
		       old entries and adding a	new one).

       -m	       A  synonym  for	-E. This option	has been superseded by
		       the -E option.

       -r|R	       Removes entries from a table. The xentry	 is  specified
		       by  either  a series of	column=value pairs on the com-
		       mand line, or an	indexed	name that is specified as  en-
		       tryname.	 The  difference between the interpretation of
		       the lowercase `r' versus	the uppercase `R'  is  in  the
		       treatment  of non-unique	entry specifications. Normally
		       the NIS+	server will disallow an	attempt	to  remove  an
		       entry  when the search criterion	specified for that en-
		       try resolves to more than one entry in  the table. How-
		       ever, it	is sometimes desirable to remove more than one
		       entry, as when you are attempting to remove all of  the
		       entries from a table. In	this case, using the uppercase
		       `R' will	force the NIS+ server to  remove  all  entries
		       matching	 the  passed search criterion.	If that	crite-
		       rion is null and	no column values specified,  then  all
		       entries in the table will be removed.

       -u	       Updates attributes of a table. This allows the concate-
		       nation path (-p), separation character (specified  with
		       the  (-s)), column access rights, and table type	string
		       (-t) of a table to be changed.  Neither the  number  of
		       columns,	 nor  the  columns  that are searchable	may be

       -D defaults     When creating objects, this option specifies a  differ-
		       ent  set	 of defaults to	be used	during this operation.
		       The defaults string is a	series of tokens separated  by
		       colons. These tokens represent the default values to be
		       used for	the generic object properties. All of the  le-
		       gal tokens are described	below.

		       ttl=time		       This  token  sets  the  default
					       time to live for	 objects  that
					       are  created  by	 this command.
					       The value time is specified  in
					       the  format  as	defined	by the
					       nischttl(1)  command.  The  de-
					       fault value is 12 hours.

		       owner=ownername	       This  token  specifies that the
					       NIS+ principal ownername	should
					       own  the	 created  object. Nor-
					       mally this value	is the same as
					       the  principal who is executing
					       the command.

		       group=groupname	       This token specifies  that  the
					       group  groupname	 should	be the
					       group owner for the object that
					       is  created.  The default value
					       is NULL.

		       access=rights	       This token specifies the	set of
					       access  rights  that  are to be
					       granted for the	given  object.
					       The  value  rights is specified
					       in the format as	defined	by the
					       nischmod(1)  command.  The  de-
					       fault	value	 is    ----rm-

       -p path	       When  creating  or updating a table, this option	speci-
		       fies the	table's	search path. When a  nis_list()	 func-
		       tion  is	 invoked,  the user can	specify	the flag  FOL-
		       LOW_PATH	to tell	the client library to continue search-
		       ing  tables  in the table's path	if the search criteria
		       used does not yield any entries.	The path  consists  of
		       an  ordered  list  of table names, separated by colons.
		       The names in the	path must be fully qualified.

       -s  sep	       When creating or	updating a table, this	option	speci-
		       fies  the  table's  separator  character. The separator
		       character is used by  niscat(1) when displaying	tables
		       on the standard output. Its purpose is to separate col-
		       umn data	when the table is in ASCII form.  The  default
		       value is	a space.

       -t type	       When  updating  a  table, this option specifies the ta-
		       ble's type string.

       Example 1: Creating an Unmodifiable Table

       This example creates a table named hobbies in the  directory
       of the type hobby_tbl with two searchable columns,  name	and  hobby.

       example%	nistbladm -c hobby_tbl name=S,\
	     a+r,o+m hobby=S,a+r

       The  column  name  has read access for all (that	is,  owner, group, and
       world) and modify access	for only the owner. The	column hobby is	 read-
       able by all, but	not modifiable by anyone.

       In  this	 example, if the access	rights had not been specified, the ta-
       ble's access rights would have come from	either the  standard  defaults
       or the  NIS_DEFAULTS variable (see below).

       Example 2: Adding Entries to the	Table

       To add entries to this table:

       example%	nistbladm -a name=bob hobby=skiing
       example%	nistbladm -a name=sue hobby=skiing
       example%	nistbladm -a name=ted hobby=swimming

       Example 3: Adding the Concatenation Path

       In  the	following example, the common root domain is (NIS+ re-
       quires at least two components to define	the root domain) and the  con-
       catenation path for the subdomains bar and baz are added:

       example%	nistbladm -u -p hobbies

       Example 4: Deleting Skiers from the List

       To delete the skiers from our list:

       example%	nistbladm -R hobby=skiing

       Note:   The  use	of the	-r option would	fail because there are two en-
       tries with the value of skiing.

       Example 5: Naming a Column with no Flags	Set

       To create a table with a	column that is named with no  flags  set,  you
       supply only the name and	the equals (=) sign as follows:

       example%	nistbladm -c notes_tbl name=S,a+r,o+m note=

       This  example  created a	table, named, of	type notes_tbl
       with two	columns	name and note. The note	column is not searchable.

       Example 6: Protecting Terminal Characters

       When entering data for columns in the form of a value string, it	is es-
       sential	that  terminal	characters  be	protected  by single or	double
       quotes. These are the characters	equals (=), comma  (,),	 left  bracket
       ([),  right  bracket (]), and space ( ).	These characters are parsed by
       NIS+ within an indexed name. These characters are protected by  enclos-
       ing the entire value in double quote (")	characters as follows:

       example%	nistbladm -a fullname="Joe User" nickname=Joe nicknames

       If there	is any doubt about how the string will be parsed, it is	better
       to enclose it in	quotes.

       NIS_DEFAULTS		       This  variable  contains	  a   defaults
				       string  that will be override the  NIS+
				       standard	defaults. If the  -D switch is
				       used  those  values  will then override
				       both the	 NIS_DEFAULTS variable and the
				       standard	defaults.

       NIS_PATH			       If  this	 variable is set, and the NIS+
				       table name is not fully qualified, each
				       directory  specified  will  be searched
				       until the table is  found.  See	nisde-

       The following exit values are returned:

       0	Successful operation.

       1	Operation failed.

       See attributes(5) for descriptions of the following attributes:

       |      ATTRIBUTE	TYPE	     |	    ATTRIBUTE VALUE	   |
       |Availability		     |SUNWnisu			   |

       nis+(1),	  niscat(1),  nischmod(1),  nischown(1),  nischttl(1),	nisde-
       faults(1), nismatch(1), nissetup(1M), attributes(5)

       NIS+ might not be supported in future releases of the SolarisTM Operat-
       ing  Environment.  Tools	 to  aid  the  migration from NIS+ to LDAP are
       available in the	Solaris	9 operating environment. For more information,

       To modify one of	the entries, say, for example, from "bob" to "robert":

       example%	nistbladm -m name=robert [name=bob],hobbies

       Notice that "[name=bob],hobbies"	is an indexed name, and	that the char-
       acters `[' (open	bracket) and `]' (close	bracket)  are  interpreted  by
       the  shell. When	typing entry names in the form of  NIS+	indexed	names,
       the name	must be	protected by using single quotes.

       It is possible to specify a set of defaults such	that you  cannot  read
       or modify the table object later.

SunOS 5.10			  10 Dec 2001			  nistbladm(1)


Want to link to this manual page? Use this URL:

home | help