Although NIS+ is provided with AIX 4.3.3, NIS+ tables can be accessed by workstations running NIS. To access NIS+ service on machines running NIS, you must run the NIS+ servers in NIS-compatibility mode.
NIS-compatibility mode enables an NIS+ server to answer requests from NIS clients while continuing to answer requests from NIS+ clients. NIS+ does this by providing two service interfaces. One responds to NIS+ client requests, while the other responds to NIS client requests.
This mode does not require any additional setup or changes to NIS clients. In fact, NIS clients are not even aware that the server that is responding is not an NIS server -- except for some differences including: the NIS+ server running in NIS-compatibility mode does not support the ypupdate and ypxfr protocols and thus it cannot be used as a replica or master NIS server. For more information on NIS-compatibility mode, see Using NIS-Compatibility Mode.
Note: In AIX 4.3.3 and later releases, the NIS-compatibility mode supports DNS-forwarding.
Two more differences need to be pointed out. One is that instructions for setting up a server in NIS-compatibility mode are slightly different than those used to set up a standard NIS+ server. For details, see Using NIS-Compatibility Mode. The other is that NIS-compatibility mode has security implications for tables in the NIS+ namespace. Since the NIS client software does not have the capability to provide the credentials that NIS+ servers expect from NIS+ clients, all their requests are classified as unauthenticated. Therefore, to allow NIS clients to access information in NIS+ tables, those tables must provide access rights to unauthenticated requests. This is handled automatically by the utilities used to set up a server in NIS-compatibility mode, as described in Setting Up NIS+ Servers. For more information about the authentication process and NIS-compatibility mode, see Chapter 7, Security.