- application-level naming service
Application-level naming services are incorporated in applications offering services such as files,
mail, and printing. Application-level naming services are bound below enterprise-level naming services.
The enterprise-level naming services provide contexts in which contexts of application-level naming
services can be bound.
Each LDAP entry consists of a number of named attributes each of
which has one or more values.
Also: The N2L service mapping and configuration files each consist of a
number of named attributes each of which has one or more
The means by which a server can verify a client's identity.
The DN where part of the DIT is rooted. When this is
the baseDN for a NIS domains entries it is also referred to
as a context.
- cache manager
The program that manages the local caches of NIS+ clients (NIS_SHARED_DIRCACHE), which
are used to store location information about the NIS+ servers that support
the directories most frequently used by those clients, including transport addresses, authentication
information, and a time-to-live value.
- child domain
(1) The client is a principal (machine or user) requesting an naming
service from an naming server.
(2) In the client-server model for file systems, the client is a
machine that remotely accesses resources of a compute server, such as compute
power and large memory capacity.
(3) In the client-server model, the client is an application that accesses
services from a “server process.” In this model, the client and the
server can run on the same machine or on separate machines.
- client-server model
A common way to describe network services and the model user processes
(programs) of those services. Examples include the name-server/name-resolver paradigm of the Domain Name System (DNS).
See also client.
For the N2L service, a context is something under which a NIS
domain is generally mapped. See also baseDN.
The authentication information that the client software sends along with each request
to a naming server. This information verifies the identity of a user
- data encrypting key
A key used to encipher and decipher data intended for programs that
perform encryption. Contrast with key encrypting key.
- data encryption standard (DES)
A commonly used, highly sophisticated algorithm developed by the U.S. National Bureau
of Standards for encrypting and decrypting data. See also SUN-DES-1.
For the N2L service, a databaseID is an alias for a group
of maps containing NIS entries of the same format (having the same
mappings to LDAP). The maps might have differing keys.
DBM is the database originally used to store NIS maps.
- decimal dotted notation
The syntactic representation for a 32-bit integer that consists of four 8-bit
numbers written in base 10 with periods (dots) separating them. Used to
represent IP addresses in the Internet as in: 18.104.22.168.
See data encryption standard (DES).
(1) An LDAP directory is a container for LDAP objects. In UNIX,
a container for files and subdirectories.
- directory cache
A local file used to store data associated with directory objects.
- directory information tree
The DIT is the distributed directory structure for a given network. By
default, Solaris LDAP clients access the information assuming that the DIT has
a given structure. For each domain supported by the LDAP server, there
is an assumed subtree with an assumed structure.
- distinguished name
A distinguished name is an entry in an X.500 directory information base
(DIB) composed of selected attributes from each entry in the tree along
a path leading from the root down to the named entry.
See directory information tree.
A distinguished name in LDAP. A tree-like structured addressing scheme of the
LDAP directory which gives a unique name to each LDAP entry.
See Domain Name System.
An NIS server or an NIS+ server with NIS compatibility set forwards
requests it cannot answer to DNS servers.
- DNS zone files
A set of files wherein the DNS software stores the names and
IP addresses of all the workstations in a domain.
- DNS zones
Administrative boundaries within a network domain, often made up of one or
(1) In NIS+ a group of hierarchical objects managed by NIS+. There
is one highest level domain (root domain) and zero or more subdomains.
Domains and subdomains may be organized around geography, organizational or functional principles.
Parent domain. Relative term for the domain immediately above the current domain in the hierarchy.
Child domain. Relative term for the domain immediately below the current domain in the hierarchy.
Root domain. Highest domain within the current NIS+ hierarchy.
(2) In the Internet, a part of a naming hierarchy usually corresponding
to a Local Area Network (LAN) or Wide Area Network (WAN) or
a portion of such a network. Syntactically, an Internet domain name consists
of a sequence of names (labels) separated by periods (dots). For example,
(3) In International Organization for Standardization's open systems interconnection (OSI), “domain” is
generally used as an administrative partition of a complex distributed system, as
in MHS private management domain (PRMD), and directory management domain (DMD).
- domain name
The name assigned to a group of systems on a local network
that share DNS administrative files. The domain name is required for the
network information service database to work properly. See also domain.
- Domain naming service (DNS)
A service that provides the naming policy and mechanisms for mapping domain
and machine names to addresses outside of the enterprise, such as those
on the Internet. DNS is the network information service used by the
The means by which the privacy of data is protected.
- encryption key
See data encrypting key.
- enterprise-level network
An “enterprise-level” network can be a single Local Area Network (LAN) communicating
over cables, infra-red beams, or radio broadcast; or a cluster of two
or more LANs linked together by cable or direct phone connections. Within
an enterprise-level network, every machine is able to communicate with every other
machine without reference to a global naming service such as DNS or
A single row of data in a database table, such as an
LDAP element in a DIT.
A NIS map entry might consist of a number of components and
separator characters. As part of the N2L service mapping process the entry
is first broken down into a number of named fields.
See group ID.
- global naming service
A global naming service identifies (names) those enterprise-level networks around the world
that are linked together via phone, satellite, or other communication systems. This
world-wide collection of linked networks is known as the “Internet.” In addition
to naming networks, a global naming service also identifies individual machines and
users within a given network.
- group ID
A number that identifies the default group for a user.
- indexed name
A naming format used to identify an entry in a table.
- Internet address
A 32-bit address assigned to hosts using TCP/IP. See decimal dotted notation.
Internet Protocol. The network layer protocol for the Internet protocol suite.
- IP address
A unique number that identifies each host in a network.
- key (encrypting)
A key used to encipher and decipher other keys, as part of
a key management and distribution system. Contrast with data encrypting key.
- key server
A Solaris operating environment process that stores private keys.
Lightweight Directory Access Protocol is a standard, extensible directory access protocol used
by LDAP naming service clients and servers to communicate with each other.
- local-area network (LAN)
Multiple systems at a single geographical site connected together for the purpose
of sharing and exchanging data and software.
- mail exchange records
Files that contain a list of DNS domain names and their corresponding
- mail hosts
A workstation that functions as an email router and receiver for a
The process of converting NIS entries to or from DIT entries. This
process is controlled by a mapping file.
- master server
The server that maintains the master copy of the network information service
database for a particular domain. Namespace changes are always made to the
naming service database kept by the domain's master server. Each domain has
only one master server.
Management information systems (or services).
- N2L server
NIS-to-LDAP server. An NIS master server that has been reconfigured as an
N2L server by using the N2L service. Reconfiguration includes replacing NIS daemons
and adding new configuration files.
- name resolution
The process of translating workstation or user names to addresses.
- name server
Servers that run one or more network naming services.
(1) A namespace stores information that users, workstations, and applications must have
to communicate across the network.
(2) The set of all names in a naming system.
- naming service
A network service that handles machine, user, printer, domain, router, an other
network names and addresses.
- naming service switch
A configuration file (/etc/nsswitch.conf) that defines the sources from which an naming
client can obtain its network information.
NDBM is an improved version of DBM.
- network mask
A number used by software to separate the local subnet address from
the rest of a given Internet protocol address.
- network password
See Secure RPC password.
A distributed network information service containing key information about the systems and
the users on the network. The NIS database is stored on the
master server and all the replica or slave servers.
A distributed network information service containing hierarchical information about the systems and
the users on the network. The NIS+ database is stored on the
master server and all the replica servers.
- NIS-compatibility mode
A configuration of NIS+ that allows NIS clients to have access to
the data stored in NIS+ tables. When in this mode, NIS+ servers
can answer requests for information from both NIS and NIS+ clients.
- NIS maps
A file used by NIS that holds information of a particular type,
for example, the password entries of all users on a network or
the names of all host machines on a network. Programs that are
part of the NIS service query these maps. See also NIS.
- parent domain
- preferred server list
A client_info table or a client_info file. Preferred server lists specify the
preferred servers for a client or domain.
- private key
The private component of a pair of mathematically generated numbers, which, when
combined with a private key, generates the DES key. The DES key
in turn is used to encode and decode information. The private key
of the sender is only available to the owner of the key.
Every user or machine has its own public and private key pair.
- public key
The public component of a pair of mathematically generated numbers, which, when
combined with a private key, generates the DES key. The DES key
in turn is used to encode and decode information. The public key
is available to all users and machines. Every user or machine has
their own public and private key pair.
Relative Distinguished Name. One part of a DN.
- remote procedure call (RPC)
An easy and popular paradigm for implementing the client-server model of distributed
computing. A request is sent to a remote system to execute a
designated procedure, using arguments supplied, and the result is returned to the
- reverse resolution
The process of converting workstation IP addresses to workstation names using the
- RFC 2307
RFC specifying a mapping of information from the standard NIS maps to
DIT entries. By default, the N2L service implements the mapping specified in
an updated version RFC 2307bis.
- root domain
See remote procedure call (RPC).
The simple authentication and security layer. A framework for negotiating authentication and
security layer semantics in application-layer protocols.
A set of rules defining what types of data can be stored
in any given LDAP DIT.
A description of where to look for a given attribute in the
DIT. The searchTriple is composed of a 'base dn', 'scope' and 'filter'.
This is part of the LDAP URL format as defined in RFC
- Secure RPC password
Password required by Secure RPC protocol. This password is used to encrypt
the private key. This password should always be identical to the user's
(1) In NIS+, NIS, DNS, and LDAP a host machine providing naming
services to a network.
(2) In the client-server model for file systems, the server is a machine
with computing resources (and is sometimes called the compute server), and large
memory capacity. Client machines can remotely access and make use of these
resources. In the client-server model for window systems, the server is a
process that provides windowing services to an application, or “client process.” In this
model, the client and the server can run on the same machine
or on separate machines.
(3) A daemon that actually handles the providing of files.
- server list
See preferred server list.
- slave server
(1) A server system that maintains a copy of the NIS database.
It has a disk and a complete copy of the operating environment.
(2) Slave servers are called replica servers in NIS+.
NIS source files
SSL is the secure sockets layer protocol. It is a generic transport-layer
security mechanism designed to make application protocols such as LDAP secure.
A working scheme that divides a single logical network into smaller physical
networks to simplify routing.
In LDAP, the distinguished name (DN) of the DIT.
In NIS+ a two-dimensional (nonrelational) database object containing NIS+ data in rows
and columns. (In NIS an NIS map is analogous to a NIS+
table with two columns.) A table is the format in which NIS+
data is stored. NIS+ provides 16 predefined or system tables. Each table
stores a different type of information.
See Transport Control Protocol (TCP).
Acronym for Transport Control Protocol/Interface Program. The protocol suite originally developed for
the Internet. It is also called the Internet protocol suite. Solaris networks
run on TCP/IP by default.
- Transport Control Protocol (TCP)
The major transport protocol in the Internet suite of protocols providing reliable,
connection-oriented, full-duplex streams. Uses IP for delivery. See TCP/IP.
- Transport Layer Security (TLS)
TLS secures communication between an LDAP client and the directory server, providing
both privacy and data integrity. The TLS protocol is a super set
of the Secure Sockets Layer (SSL) protocol.
- wide-area network (WAN)
A network that connects multiple local-area networks (LANs) or systems at different
geographical sites via phone, fiber-optic, or satellite links.
A global-level directory service defined by an Open Systems Interconnection (OSI) standard.
A precursor to LDAP.
Yellow PagesTM. The old name for NIS which is still used within the