Home

ypbind

ypbind is a daemon that binds a host to a Network Information Service (NIS, formerly known as YP) domain. It runs on NIS client machines and is responsible for locating an NIS server and establishing a binding so the client can retrieve NIS maps, such as passwd, group, hosts, and other domain data. By binding to a server, the client can fetch and cache the maps needed for user authentication and other name-resolution services.

The binding process begins with determining the NIS domain. ypbind can discover servers by broadcast on the

Configuration and operation: On most UNIX-like systems, ypbind starts at boot and runs as a background service.

Security considerations: NIS traffic is unencrypted and relies on network-level trust, making it vulnerable to spoofing

History: ypbind originated with Sun Microsystems as part of the ONC/NIS suite in the 1980s and remains

local
network
or
use
a
configured
list
of
servers
provided
by
the
system’s
NIS
configuration
(for
example,
in
/etc/yp.conf
on
some
systems)
or
via
nisdomainname.
Once
a
server
is
identified,
ypbind
communicates
with
the
server’s
ypserv
service
using
RPC
to
obtain
the
server’s
address
and
to
establish
the
binding
for
the
domain.
If
the
chosen
server
becomes
unavailable,
ypbind
can
select
a
different
server
from
the
available
set.
The
domain
is
set
with
system
tools
such
as
nisdomainname,
and
server
preferences
may
be
defined
in
configuration
files
or
via
command-line
options.
Utilities
like
ypwhich,
yppoll,
and
ypcat
are
often
used
to
inspect
the
current
binding,
the
available
servers,
and
the
maps
provided
by
the
NIS
domain.
and
interception.
It
is
typically
restricted
to
trusted
networks
or
VPNs,
and
many
administrators
consider
migrating
to
more
secure
directory
services
such
as
LDAP
with
TLS/Kerberos
or
other
modern
authentication
mechanisms.
present
in
many
UNIX-like
systems,
though
its
use
has
declined
in
favor
of
more
secure
directory
services.