Nsswitch.conf modification requires reboot?

I have a couple Solaris 10 SPARC machines running. I am trying to modify nsswitch.conf to add/remove the dns entry for hosts. It seems that this can not be done on the fly as it used to be in previous versions (9,8,7)
Many posts I have seen have provided one of the two following options.
Modify nsswitch.conf and reboot
sys-unconfig and reboot.
Neither of these are really valid options on any machine that is not just the average desktop and even then it is arguable that a simple change like this should not require a reboot. I have trying bouncing nscd and/or name-services with svcadm but no luck.
Anyone know how I can make changes to nsswitch.conf and have them take place without a reboot? Also, is there something in 10 that caches names besides nscd? Does it have a restart or flush option?
Thanks!

Changes to nsswitch.conf take effect immediately.
If you change the IP address for a host, you may have to wait for up to an hour to see the new value, as the NSCD (Name Service Cache Daemon) may have the old value cached.
In this case, the easiest thing to do is invalidate the NSCD hosts cache, using nscd -i hosts.
BTW - Do not diable the nscd. It's saving you a lot of overhead. You can see what it's doing by using nscd -g.
There's no point in rebooting unless you're changing the IP address of your host. In that case, after changing /etc/hosts, you can either ifconfig the new address on to your interface (and possiblery reconnect) or reboot.

Similar Messages

  • Nsswitch.conf after reboot delete my modification

    Hi.
    I need a line "files winbind" on nsswitch.conf to enable login of samba/ad users
    I did so
    svccfg -s svc:/system/name-service/switch:default
    setprop config/password = astring: "files winbind"
    setprop config/group = astring: "files winbind"
    validate
    refresh
    svcadm refresh svc:/system/name-service/switch:default
    and then i check wibind
    grep winbind /etc/nsswitch.conf
    and return ok the lines.
    But on reboot change are missing!
    Why?

    Certainly because the NWAM service is running.
    Check if svc:/network/location:default is enabled.

  • LDAP, reboots, nsswitch.conf

    I've seen other questions on LDAP, but not with these symptoms.
    I have an LDAP server (Linux) and an iMac with 10.5 as a client.
    - After a fresh install I set up the client with Directory Utility to do user name lookups on the server. It works.
    - I reboot the client. LDAP no longer works.
    - I delete, and re-add, the info in Directory Utility. It still does not work.
    - I delete the info in Directory Utility. I reboot. I then re-add the info in Directory Utility. It works again.
    ldapsearch always works after adding the info in Directory Utility. It looks like it 'forgets' that I want the user lookup to use LDAP across reboots. That information, incidentally, is usually contained in nsswitch.conf in a Linux/UNIX system.
    Anyone know what is going on? Also, how does 10.5 know that user info should be looked up in LDAP? Or is an LDAP search always done?

    I too would like to know what the OS X equivalent of the nsswitch.conf file is... we're tryin to setup Kerberos for single sign on into our Windows AD domain.

  • Solaris 11 Express - nsswitch.conf settings lost after system reboot

    I have made the follow changes to my /etc/nsswitch.conf file below. everything work good until i reboot the system, i look in the nsswitch.conf file and see that the setting are back to default. What am i doing wrong?
    Changes
    passwd: files winbind
    group: files winbind
    Default
    passwd: files
    group: files

    Hi,
    please use the search function.
    Have a look at the 2nd last post:
    Re: resolv.conf - blank every new start of machine or waking up from sleep
    Bye

  • Nsswitch.conf

    Hi everyone,
    I'm going to start by mentioning that I'm new to solaris. I've mostly been an archlinux user thus far. Now I've built a new fileserver and decided to run solaris because I felt that ZFS had a lot to offer, and I'm playing with the idea of moving my webserver into a zone on this new box in order to take the dedicated system offline as it's underutilized.
    Now the main things I need so far are kerberos for active directory integration, and smb for file sharing, this seems fairly simple to me, and nothing I haven't done on a typical Linux system
    but I'm having problems. getting things going has not been as painless as I expected, I've hit a learning curve so to speak and I'm having a few issues.
    I'm going to start with winbind.
    How do I configure the nsswitch.conf so that it doesn't get reset after I reboot the system?
    everytime I boot, I have to reconfigure it, and restart winbind in order to get anything listed with getent
    the other thing there, is when I run getent passwd, I see my AD users listed. but when I run getent group, I only see the local groups, nothing from AD appears

    I took another stab at the kclient config. i'd like to know what i'm missing here though
    solaris@srv-data:~$ sudo svccfg -s network/dns/client setprop config/nameserver = net_address: "(10.66.1.1 10.66.1.9)"
    Password:
    solaris@srv-data:~$ sudo svccfg -s network/dns/client setprop config/domain = astring: "sergeinc.org
    solaris@srv-data:~$ sudo svccfg -s network/dns/client setprop config/domain = astring: "sergeinc.org"
    solaris@srv-data:~$ sudo svccfg -s network/dns/client setprop config/search = astring: "sergeinc.org"
    solaris@srv-data:~$ sudo svccfg -s network/dns/client setprop config/host = astring: '("files" "dns")'
    solaris@srv-data:~$ sudo nscfg export svc:/network/dns/client:default
    solaris@srv-data:~$ cat /etc/resolv.conf
    +#+
    +# AUTOGENERATEDFROM_SMF_V1_+
    +#+
    +# WARNING: THIS FILE GENERATED FROM SMF DATA.+
    +# DO NOT EDIT THIS FILE. EDITS WILL BE LOST.+
    +# See resolv.conf(4) for details.+
    domain  sergeinc.org*
    search  sergeinc.org*
    nameserver      10.66.1.1*
    nameserver      10.66.1.9*
    solaris@srv-data:~$ cat /etc/nsswitch.conf
    +#+
    +# AUTOGENERATEDFROM_SMF_V1_+
    +#+
    +# WARNING: THIS FILE GENERATED FROM SMF DATA.+
    +# DO NOT EDIT THIS FILE. EDITS WILL BE LOST.+
    +# See nsswitch.conf(4) for details.+
    passwd: files winbind
    group:  files winbind
    hosts:  files dns mdns
    ipnodes:        files dns mdns
    networks:       files
    protocols:      files
    rpc:    files
    ethers: files
    netmasks:       files
    bootparams:     files
    publickey:      files
    netgroup:       files
    automount:      files
    aliases:        files
    services:       files
    printers:       user files
    project:        files
    auth_attr:      files
    prof_attr:      files
    tnrhtp: files
    tnrhdb: files
    sudoers:        files
    solaris@srv-data:~$ sudo svccfg -s name-service/switch setprop config/host = astring: '("files dns")'
    solaris@srv-data:~$ sudo svccfg -s name-service/switch setprop config/ipnodes = astring: '("files dns")'
    solaris@srv-data:~$ sudo svcadm refresh svc:/system/name-service/switch:default
    solaris@srv-data:~$ cat /etc/nsswitch.conf
    +#+
    +# AUTOGENERATEDFROM_SMF_V1_+
    +#+
    +# WARNING: THIS FILE GENERATED FROM SMF DATA.+
    +# DO NOT EDIT THIS FILE. EDITS WILL BE LOST.+
    +# See nsswitch.conf(4) for details.+
    passwd: files winbind
    group:  files winbind
    hosts:  files dns*
    ipnodes:        files dns*
    networks:       files
    protocols:      files
    rpc:    files
    ethers: files
    netmasks:       files
    bootparams:     files
    publickey:      files
    netgroup:       files
    automount:      files
    aliases:        files
    services:       files
    printers:       user files
    project:        files
    auth_attr:      files
    prof_attr:      files
    tnrhtp: files
    tnrhdb: files
    sudoers:        files
    solaris@srv-data:~$ sudo cp /etc/krb5/krb5.conf /etc/krb5/krb5.conf.backup
    solaris@srv-data:~$ kclient
    Can not create directory: /system/volatile/kclient
    solaris@srv-data:~$ sudo kclient
    Starting client setup
    +Is this a client of a non-Solaris KDC ? [y/n]: y+
    Which type of KDC is the server:
    ms_ad: Microsoft Active Directory
    mit: MIT KDC server
    heimdal: Heimdal KDC server
    shishi: Shishi KDC server
    Enter required KDC type: ms_ad
    Setting up /etc/krb5/krb5.conf.
    Attempting to join 'SRV-DATA' to the 'SERGEINC.ORG' domain.
    Password for [email protected]:
    Forest name found: sergeinc.org
    Site name not found.  Local DCs/GCs will not be discovered.+
    Computer account 'SRV-DATA' already exists in the 'SERGEINC.ORG' domain.
    +Do you wish to recreate this computer account ? [y/n]: y+
    +Would you like to delete any sub-object found for this computer account ? [y/n]: y+
    Looking to see if the machine account contains other objects...
    Creating the machine account in AD via LDAP.
    Warning: unable to create DNS records for client.
    This could mean that 'srv-ad.sergeinc.org' is not included as a 'nameserver' in the /etc/resolv.conf file or some other type of error.
    Setup COMPLETE.
    so that all seemed well.....but then after a reboot....
    solaris@srv-data:~$ cat /etc/nsswitch.conf
    +#+
    +# AUTOGENERATEDFROM_SMF_V1_+
    +#+
    +# WARNING: THIS FILE GENERATED FROM SMF DATA.+
    +# DO NOT EDIT THIS FILE. EDITS WILL BE LOST.+
    +# See nsswitch.conf(4) for details.+
    passwd: files
    group:  files
    hosts:  files dns mdns*
    ipnodes:        files dns mdns*
    networks:       files
    protocols:      files
    rpc:    files
    ethers: files
    netmasks:       files
    bootparams:     files
    publickey:      files
    netgroup:       files
    automount:      files
    aliases:        files
    services:       files
    printers:       user files
    project:        files
    auth_attr:      files
    prof_attr:      files
    tnrhtp: files
    tnrhdb: files
    sudoers:        files
    solaris@srv-data:~$ cat /etc/resolv.conf
    +#+
    +# AUTOGENERATEDFROM_SMF_V1_+
    +#+
    +# WARNING: THIS FILE GENERATED FROM SMF DATA.+
    +# DO NOT EDIT THIS FILE. EDITS WILL BE LOST.+
    +# See resolv.conf(4) for details.+
    domain  sergeinc.org*
    nameserver      10.66.1.1*
    solaris@srv-data:~$

  • Configure resolv.conf nsswitch.conf etc to search .local

    After installing a new router I find I cannot ping hosts on my local network using just the simple hostname.
    I used to be able to ping myhost, but now I find I need to ping myhost.local.
    My nsswitch.conf hosts line looks like
    hosts: files mdns4_minimal [NOTFOUND=return] dns myhostname wins
    I tried adding various search values to  /etc/resolv.conf, but couldn't find one that worked.
    Is there a way to get the .local domain searched, my router (although expensive) doesn't seem to facilitate this?

    After some digging in the nss-mdns package source I find that the option to respect resolv.conf search domains is turned off in the Arch build. However, a simple patch to nss.c seems to fix things up fairly easily. A more complex one would be required to respect the /etc/mdns.allowed file domains. It seems like such an obvious thing to do for domainless searches that I wonder why this wasn't done by the original author.
    $ diff nss.c.orig nss.c
    380a381,407
    > if (u.count == 0 && avahi_works && !strstr(name, ".")) {
    > const char *p="local";
    > int fullnamesize;
    > char *fullname;
    > fullnamesize = strlen(name) + strlen(p) + 2;
    > if ((fullname = malloc(fullnamesize))){
    > snprintf(fullname, fullnamesize, "%s.%s", name, p);
    > if (verify_name_allowed(fullname)) {
    > int r;
    > if ((r = avahi_resolve_name(af, fullname, data)) < 0) {
    > /* Lookup failed */
    > avahi_works = 0;
    > }
    > else if (r == 0) {
    > /* Lookup succeeded */
    > if (af == AF_INET && ipv4_func)
    > ipv4_func((ipv4_address_t*) data, &u);
    > if (af == AF_INET6 && ipv6_func)
    > ipv6_func((ipv6_address_t*)data, &u);
    > }
    > else
    > /* Lookup suceeded, but nothing found */
    > status = NSS_STATUS_NOTFOUND;
    > }
    > free(fullname);
    > }
    > }

  • My file nsswitch.conf says files only

    Hello Lee , How can I change fo files dns.Thanks Thanks Thanks!

    make sure that you've a name sever specified in /etc/resolv.conf and this dns is reachable from your host. Add "dns" to the line "host: files" in "/etc/nsswitch.conf" file. The line should look like "host: files dns" after you save your "nsswitch.conf" file. You may need to reboot your host.

  • Both Firefox & Thunderbird won't reopen after closing. require reboot

    When I close Firefox or Thunderbird, they do not reopen later. Dialog box says they are still running, but process won't close in task manager. System requires reboot to get back in

    Maybe your security (Anti-virus) software is checking files while Firefox is starting and takes so much time that Firefox can't access them and decides to skip loading those locked files. If that happens with sqlite database files like places.sqlite then bookmarks won't work properly. A second start works because the AV software had already checked the file. So you need to check the rules for Firefox in your security software.
    A possible cause is security software (firewall) that blocks or restricts Firefox possibly after detecting changes (update) to the Firefox program.
    Remove all rules for Firefox from the permissions list in the firewall and let your firewall ask again for permission to get full unrestricted access to internet for Firefox.
    See [[Server not found]] and [[Firewalls]] and http://kb.mozillazine.org/Firewalls

  • NIS+ and nsswitch.conf settings

    I am pretty new to NIS+, but I'm investigating setting it up in environment to help alleviate management of various files on a per-system basis. For NIS+, there is the concept of a master server and a replica server. If the master server goes down then then the replica takes over.
    If for any reason both master and replica servers are down, then the /etc/nsswitch.conf file determines the order of precedence. The entry for passwd in the nsswitch.conf file is:
    passwd: files nisplus
    One of my goals of setting up NIS+ is to alleviate having to manage a password file for each machine. If for some reason both of my NIS+ servers are down, it will revert back to the /etc/passwd file. Does this mean I would still need to have an /etc/passwd for each machine as a safeguard? or does NIS+ perform some kind of syncing mechanism to maintain local consistency of files for clients?
    Many Thanks

    Nope, he was right. If you look at the /etc/nsswitch.conf (or nsswitch.nisplus if you haven't moved it in yet) you'll see the entry:
    passwd: files nisplus
    The order of the lookup is "files" (which is your /etc/passwd file) first, and then if it can't find the entry there it will go out to the nis+ server. So essentially you'd take the users you want to use NIS out of the client passwd file and put them into the NIS+ passwd file.
    I think the problem you're having is that you still want the users to have the access to the client & resources, even if the master & secondary servers go down. That's just not possible. The master & replica servers are there to provide the functionality of centralized user management. If that functionality is lost, then naturally you will see degradation in the quality of service you provide to the end user. So if both servers do go down, then your users will also be down. That is why there is redundancy built into the NIS+ system so that if one of the NIS+ servers go down, the client has a secondary server it can contact & authenticate to. The theory is that you can get the primary server back up and running while your secondary server handles the load. If you are concerned about the master & secondary server going down at the same time, then please note that you can have more then one secondary NIS+ server.
    Daryl

  • Lightroom 5.5 64-bit Will Not Import Photos Into Catalog; When I Click on "Import", Lightroom 5.5 stops working and requires reboot; Help.

    When I Click on "Import", Lightroom 5.5 stops working and requires reboot; Help. Import feature was working yesterday when I first installed Lightroom v5.5.

    Go to the bibliothec module, select the folder, right click on the folder and hit synchronize
    Sorry I have only a german version , so don't know what your menu will show.

  • Question about 'hosts: cluster' entry in /etc/nsswitch.conf

    Hi~
    my system have "hosts: cluster files dns" entry in /etc/nsswitch.conf.
    I know 'files' to see the '/etc/hosts'.
    I want to know that 'cluster' to see 'what file'.
    Thanks,

    'cluster' denotes internal lookups, i.e. no file on the file system. If I recall correctly, it allows the system to look up the cluster interconnect private addresses.
    Tim
    ---

  • My iPad constantly requires rebooting since latest software update.I have done clean install started from scratch and it still continues

    My iPad 2 has given me many months of hassle free usage. I have recently [earlyApril] updated the software. Now every time I go to use it I am forced to hold bottom and top button to boot IPad .Eventually it kicks in and as long as I'm using it its fine. If I leave alone it goes down and requires rebooting.
    Have tried total factory reset and it continues to malfunction. apple have informed me that a hardware repair would be £206 for a fix or replacement.I find this unacceptable considering the iPad has been well cared for &amp; never dropped etc .Any help greatly appreciated.

    So, I have managed to get my iPad to stop showing the "connect to iTunes" screen. I did this by plugging it in to my husband's PC and trying to restore from the backup I left there many many months ago.
    The restore FAILED error 3194 (I looked it up it's the same error as the one I got on my macintosh "device is isn't eligible for the requested rebuild"
    But the restore attempt mad the "connect to iTunes" screen go away, now it has 4.3.1 again with the special multitouch update.
    BUT I STILL CAN'T RESTORE! Why not? I've been searching all over the web and I can find nothing that helps.
    It's not like I jailbroke it... can anyone help me please?

  • Hello out there... my superdrive always seems to be "off" using it requires rebooting the mini, and luck

    hello out there... my superdrive always seems to be "off" using it requires rebooting the mini, and luck

    Hello, I assume this is an external drive?
    If so, does unplugging it and or plugging it into a different USB port bring it back?

  • I removed my named.conf file and rebooted, zones blank, but dns now works...

    Folks,
    After upgrading from OS X server Mountain Lion, i skipped 'Mavericks' and upgraded when Yosemite and server 4 came out...
    Something whacky happened w/ my DNS(probably had temp info so i could upgrade to Yosemite...) anyway, everything worked,
    EXCEPT, i could not pull up my website that i am running on said server on internal network... all worked from outside...
    So... i renamed my 'named.conf' file and rebooted. EXCELLENT! everything works! EXCEPT! my DNS zones are not listed on the DNS control panel in server...
    YET, EVERYTHING STILL WORKS! even after a reboot! db Files are still in named directory, but not listed in Zones panel...
    at this point, since everything is working, i'm really reluctant to keep troubleshooting, but i would like to know why it's still working, and how i can rewrite the named.conf file so it will continue working... named.conf file contains:
    options {
    forwarders {
    68.XX.XXX.XXX;
    i masked out the actual IP - thanks!
    Rich Z

    Hi Moses.
    Here are the crash id's.. however, since disabling all extensions apart from firebug, it's no longer crashing. However, I'm still having trouble loading javascript files... I'm testing a .js file with only an alert statement in it, and the file isn't being found. I've checked the file for funny characters, line breaks are set to Unix LF, encoding is Unicode UTF-8 no Bom. I'm using php codeigniter, not sure if that would cause issues. I just can't think what is going wrong!
    I'm only using firefox so I can use firebug, so disabling firebug isn't an option. I've re-installed the latest firebug 1.5.4.
    http://crash-stats.mozilla.com/report/index/bp-526dd7f8-1f36-4ae6-b076-d8abb2100609
    http://crash-stats.mozilla.com/report/index/bp-b9adb719-a97a-4302-a4d1-55bea2100211

  • Trouble using nsswitch.conf

    Hello,
    In order to make some ldap replication test, I need to give an ldap service a fake IP address for a known host. It used to work on previous versions of Solaris.
    my nsswitch.conf file defines host as :
    hosts: files dns
    On Solaris 9, if I define in /etc/hosts
    1.2.3.4 www.sun.com
    and I telnet to www.sun.com
    host# telnet www.sun.com
    Trying 1.2.3.4...
    I get the correct answer
    On Solaris 10 box, there always a dns request and the /etc/hosts file is ignored.
    I tried to invalide the nscd cache with an nscd -i hosts but I still get the same behaviour.
    Any idea ?
    Regards,
    Fred.

    The problem may not be with /etc/hosts.
    This is actually a link to /etc/inet/hosts and you will also notice the file /etc/inet/ipnodes. If there is an entry in /etc/inet/ipnodes for the host in question, it will get read before /etc/inet/hosts.
    At least this is what I have encountered when trying to change the IP address of my system and not realizing that in Solaris 10 it included my host in this file even though it was only in /etc/inet/hosts under Solaris 9.

Maybe you are looking for