Re: Obtaining NIS domainname from Gatorbox

Luke Mewburn (
Fri, 14 Apr 1995 17:10:54 +1000 (EST)

> On Wed, 12 Apr 1995, der Mouse wrote:

> > > Maybe a good reason to join the crowd and not run NIS?
> > 
> > I wish.  It's clear to me that NIS is a big problem.  But what else is
> > out there?  We have a definite need to share passwd databases across
> > many machines, from multiple vendors, none of which we have source code
> > to.  How close to a solution can we get?

> A wild idea, straight off the top of my head: what about using the DNS
> mechanisms?  Apologies if this has been suggested and flamed before...

Hesiod (HS class DNS) can be used instead of NIS for most things.
ULTRIX boxes have it built in, and we use it instead of NIS
(except we use NIS for netgroups; if I could change the OS to use DNS
for netgroups I would)

Unfortunately, like NIS, you can extract the encrypted password field
out of the system. Commands like nslookup comment this out, but if you
have 'host' (comes with bind 4.9.7b17, also at
you can do:
	host -t txt -c hs username.passwd.`domainname`
and you get something like:        TXT
	    "username:ABCDEFGHIJKLM:9999:9999:User Name:/users/username:/bin/sh"

Which is why Kerberos exists :)