This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

[{TableOfContents}]
!!! Overview
We know [LDAP], but [NIS] and all the different ways that NIS maps are implemented were confusing. The data presented here is based on a "real" implementation: it records what we did to make [LDAP] return the same values that the [NIS] servers presented to clients.
Use with caution, as your mileage may vary. (Well, your [NIS] may vary.)
Keep in mind the different [LDAP schema used by autofs].
!!!passwd and shadow
Typical location in LDAP: ou=people or ou=users
Map Format:
{{{loginname:password:uidNumber:defaultgidNumber:gecos:homeDirectory:loginShell}}}
Example map entry:
{{{jwilleke:x:52658:280:Jim Willeke, 213-449-7111:/home/jwilleke:/usr/bin/ksh}}}
LDAP entry would be:
{{{
dn: uid=user1,ou=People,dc=willeke,dc=com
uid: user1
cn: user1
uidnumber: 199995
gidnumber: 20
gecos: Joe Smith [New York]
homedirectory: /home/user1
loginshell: /bin/csh
objectclass: top
objectclass: shadowAccount
objectclass: account
objectclass: posixAccount
objectclass: nisKeyObject
objectclass: inetOrgPerson
}}}
!!!passwd and publickey
Typical location in LDAP: ou=people or ou=users
Map Format:
{{{name publickey:encryptedPrivateKey}}}
Example map entry:
{{{nobody 9cc01614d929848849add28d090acdaa1c78270aeec969c9:9999999998769c999c39e7a6ed4e7afd687d4b99908b4de99}}}
LDAP entry would be:
{{{
dn: uid=nobody,ou=People,dc=willeke,dc=com
uid: nobody
cn: nobody
uidnumber: 199995
gidnumber: 20
gecos: nobody
homedirectory: /home/nobody
loginshell: /bin/csh
nisPublicKey: 9cc01614d929848849add28d090acdaa1c78270aeec969c9
nisSecretKey: 9999999998769c999c39e7a6ed4e7afd687d4b99908b4de99
objectclass: top
objectclass: shadowAccount
objectclass: account
objectclass: posixAccount
objectclass: nisKeyObject
objectclass: inetOrgPerson
}}}
!!![group|posixGroup]
Typical location in LDAP: ou=group
Map Format:
{{{groupname:*:gidNumber:memberUid,memberUid,memberUid}}}
Example map entry:
{{{mygroup:*:441:user1,user2,user3}}}
LDAP entry would be:
{{{
dn: cn=mygroup,ou=Group,ou=unix,dc=willeke,dc=com
cn: mygroup
gidnumber: 4441
memberuid: user1
memberuid: user2
memberuid: user3
objectclass: top
objectclass: posixGroup
}}}
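The passwd and group mappings above can be scripted. The following is an added example, not part of the original page or of any product it describes: it turns one map line into one LDIF entry, drops the password field (the page's LDAP entries carry none), and base64-encodes values that LDIF cannot carry as plain text. The container DNs are taken from the sample entries above; the objectClass list is reduced to top, account and posixAccount, which is an assumption (the page's sample entry lists more).

```python
import base64
import re

# Added example. Container DNs copy the sample entries on this page.
PEOPLE = "ou=People,dc=willeke,dc=com"
GROUPS = "ou=Group,ou=unix,dc=willeke,dc=com"
NAME_RE = re.compile(r"^[A-Za-z0-9._-]+$")  # names that need no DN escaping
SAFE_RE = re.compile(r"^[\x21-\x39\x3b\x3d-\x7e][\x20-\x7e]*$")  # plain LDIF value

def attr(name, value):
    """One LDIF line; values that are not a plain safe string are base64-encoded."""
    if SAFE_RE.match(value) and not value.endswith(" "):
        return "%s: %s" % (name, value)
    return "%s:: %s" % (name, base64.b64encode(value.encode("utf-8")).decode("ascii"))

def entry(dn, pairs):
    return "\n".join(["dn: " + dn] + [attr(k, v) for k, v in pairs]) + "\n"

def passwd_to_ldif(line):
    f = line.strip().split(":")
    if (len(f) != 7 or not NAME_RE.match(f[0]) or not f[5]
            or not (f[2].isdigit() and f[3].isdigit())):
        raise ValueError("bad passwd map entry: %r" % line)
    login, _password, uid, gid, gecos, home, shell = f
    # The password field is not copied into the entry.
    pairs = [("uid", login), ("cn", login), ("uidNumber", uid), ("gidNumber", gid)]
    pairs += [("gecos", gecos)] if gecos else []
    pairs += [("homeDirectory", home)]
    pairs += [("loginShell", shell)] if shell else []
    pairs += [("objectClass", c) for c in ("top", "account", "posixAccount")]
    return entry("uid=%s,%s" % (login, PEOPLE), pairs)

def group_to_ldif(line):
    f = line.strip().split(":")
    if len(f) != 4 or not NAME_RE.match(f[0]) or not f[2].isdigit():
        raise ValueError("bad group map entry: %r" % line)
    name, _password, gid, members = f
    pairs = [("cn", name), ("gidNumber", gid)]
    pairs += [("memberUid", m) for m in members.split(",") if m]
    pairs += [("objectClass", c) for c in ("top", "posixGroup")]
    return entry("cn=%s,%s" % (name, GROUPS), pairs)

if __name__ == "__main__":
    # Sample lines are the page's own example map entries.
    print(passwd_to_ldif("jwilleke:x:52658:280:Jim Willeke, 213-449-7111:/home/jwilleke:/usr/bin/ksh"))
    print(group_to_ldif("mygroup:*:441:user1,user2,user3"))
```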
!!!services
{{{
dn: cn=name+ipServiceProtocol=udp,ou=Services,ou=unix,dc=willeke,dc=com
cn: name
cn: nameserver
ipserviceprotocol: udp
ipserviceport: 42
objectclass: top
objectclass: ipService
}}}
!!! [netgroup]
Typical location in LDAP: ou=netgroup
Map Format:
Example map entry:
LDAP entry would be:
{{{
cn=mynetgroup,ou=netgroup,dc=central,dc=sun,dc=com
objectclass=nisNetgroup
objectclass=top
cn=mynetgroup
nisnetgrouptriple=(user1..mydc.mycom.com,-,)
nisnetgrouptriple=(user1.,-,)
membernisnetgroup=mylab
}}}
!!!hosts and publickey
Typical location in LDAP: ou=hosts
Map Format:
{{{IP-address official-host-name nickname1 nickname2 nicknames...}}}
Example map entry:
{{{200.20.20.99 myhost jimshost # host 1 - floor 1 - Lab a - building b}}}
LDAP entry would be:
{{{
dn: cn=myhost+ipHostNumber=200.20.20.99,ou=Hosts,ou=unix,dc=willeke,dc=com
cn: myhost
cn: jimshost
iphostnumber: 200.20.20.99
description: host 1 - floor 1 - Lab a - building b
nispublickey: 9cc01614d929848849add28d090acdaa1c78270aeec969c9
nissecretkey: 9999999998769c999c39e7a6ed4e7afd687d4b99908b4de99
objectclass: top
objectclass: NisKeyObject (AUX)
objectclass: device
objectclass: ipHost (AUX)
}}}
!!!networks and netmasks
Typical location in LDAP: ou=networks
Map Format:
Example map entry:
{{{anoc-1 129.230 anoc-1}}}
LDAP entry would be:
{{{
dn: ipNetworkNumber=129.230,ou=Networks,ou=unix,dc=willeke,dc=com
cn: anoc-1
ipnetworknumber: 129.230
objectclass: top
objectclass: ipNetwork
description: your Lab Network
ipnetmasknumber: 255.255.255.0
}}}
Example map entry:
{{{200.20.20.0 255.255.255.0}}}
LDAP entry would be:
{{{
dn: ipNetworkNumber=200.20.20.0,ou=Networks,ou=unix,dc=willeke,dc=com
cn: 200-20-20
ipnetworknumber: 200.20.20.0
objectclass: top
objectclass: ipNetwork
description: my Lab Network
ipnetmasknumber: 255.255.255.0
}}}
Example 2:
Example map entry:
{{{129.144 255.255.255.0}}}
LDAP entry would be:
{{{
dn: ipNetworkNumber=129.144,ou=Networks,ou=unix,dc=willeke,dc=com
cn: 129.144
ipnetworknumber: 129.144
objectclass: top
objectclass: ipNetwork
description: your Lab Network
ipnetmasknumber: 255.255.255.0
}}}
Example 3:
Example map entry:
{{{arpanet 10 arpa # Historical}}}
LDAP entry would be:
{{{
dn: ipNetworkNumber=10,ou=Networks,ou=unix,dc=willeke,dc=com
cn: arpanet
cn: arpa
ipnetworknumber: 10
objectclass: top
objectclass: ipNetwork
description: Historical
ipnetmasknumber: 255.0.0.0
}}}
!!!rpc
Typical location in LDAP: ou=rpc
Map Format:
Example map entry:
{{{logger 100102 na.logger # SunNet Manager}}}
LDAP entry would be:
{{{
dn: cn=logger,ou=Rpc,ou=unix,dc=willeke,dc=com
cn: logger
cn: na.logger
oncrpcnumber: 100102
description: SunNet Manager
objectclass: top
objectclass: oncRpc
}}}
!!!protocols
Typical location in LDAP: ou=networks
Map Format:
Example map entry:
{{{
ipv6 41 IPv6 # IPv6 in IP encapsulation
}}}
LDAP entry would be:
{{{
dn: cn=ipv6,ou=Protocols,ou=unix,dc=willeke,dc=com
cn: IPv6
ipprotocolnumber: 41
description: IPv6 in IP encapsulation
description: transmission control protocol
objectclass: top
objectclass: ipProtocol
}}}
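The hosts, rpc and protocols maps share one shape: whitespace-separated fields, optional aliases, and a trailing # comment that becomes the description. The following is an added example, not part of the original page: a table-driven converter for those three maps that builds the multi-valued RDN used for hosts and removes aliases that differ from the name only by case. The base DN and ou names are taken from the sample entries on this page; IPv4 addresses and plain ASCII comments are assumed.

```python
import re

# Added example. BASE and the ou names copy the sample entries on this page.
BASE = "ou=unix,dc=willeke,dc=com"
# map name -> (container ou, number attribute, objectClasses, number comes first?)
MAPS = {
    "hosts": ("Hosts", "ipHostNumber", ["top", "device", "ipHost"], True),
    "rpc": ("Rpc", "oncRpcNumber", ["top", "oncRpc"], False),
    "protocols": ("Protocols", "ipProtocolNumber", ["top", "ipProtocol"], False),
}
TOKEN_RE = re.compile(r"^[A-Za-z0-9._-]+$")  # IPv4 and plain names; no DN escaping
TEXT_RE = re.compile(r"^[\x21-\x39\x3b\x3d-\x7e][\x20-\x7e]*$")  # plain LDIF value

def map_to_ldif(map_name, line):
    ou, num_attr, classes, number_first = MAPS[map_name]
    body, _, comment = line.partition("#")  # text after '#' becomes description
    tokens, comment = body.split(), comment.strip()
    if len(tokens) < 2 or not all(TOKEN_RE.match(t) for t in tokens):
        raise ValueError("bad %s map entry: %r" % (map_name, line))
    if comment and not TEXT_RE.match(comment):
        raise ValueError("comment needs base64 encoding: %r" % comment)
    first, second, aliases = tokens[0], tokens[1], tokens[2:]
    number, name = (first, second) if number_first else (second, first)
    # cn is matched case-insensitively, so "ipv6" and "IPv6" are one value;
    # a compliant server rejects an entry that lists both.
    names, seen = [], set()
    for n in [name] + aliases:
        if n.lower() not in seen:
            seen.add(n.lower())
            names.append(n)
    # hosts entries on this page use a multi-valued RDN (cn+ipHostNumber).
    rdn = "cn=%s" % name
    if map_name == "hosts":
        rdn += "+%s=%s" % (num_attr, number)
    out = ["dn: %s,ou=%s,%s" % (rdn, ou, BASE)]
    out += ["cn: " + n for n in names]
    out.append("%s: %s" % (num_attr, number))
    if comment:
        out.append("description: " + comment)
    out += ["objectClass: " + c for c in classes]
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    # Sample lines are the page's own example map entries.
    print(map_to_ldif("hosts", "200.20.20.99 myhost jimshost # host 1 - floor 1 - Lab a - building b"))
    print(map_to_ldif("protocols", "ipv6 41 IPv6 # IPv6 in IP encapsulation"))
    print(map_to_ldif("rpc", "logger 100102 na.logger # SunNet Manager"))
```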
!!!ethers and bootparams
Typical location in LDAP: ou=ethers
Example map entry (ethers):
{{{8:1:21:71:31:c1 myhost}}}
Example map entry (bootparams):
{{{myhost root=boothost:/export/a/b/c/d/e}}}
LDAP entry would be:
{{{
dn: cn=myhost,ou=Ethers,ou=unix,dc=willeke,dc=com
macaddress: 8:1:21:71:31:c1
bootparameter: root=boothost:/export/a/b/c/d/e
objectclass: top
objectclass: device
objectclass: ieee802Device (AUX)
objectclass: bootableDevice (AUX)
cn: myhost
}}}
!!!publickey
{{{
dn: cn=myhost+ipHostNumber=200.20.20.99,ou=Hosts,ou=unix,dc=willeke,dc=com
cn: myhost
iphostnumber: 200.20.20.99
description: Joe Smith
nispublickey: 9cc01614d929848849add28d090acdaa1c78270aeec969c9
nissecretkey: 9999999998769c999c39e7a6ed4e7afd687d4b99908b4de99
objectclass: top
objectclass: NisKeyObject
objectclass: device
objectclass: ipHost
}}}
!!!aliases
For an entry from a NIS makefile similar to:
{{{amass: bestj@mailbox,titschr@mailbox,gayhead@mailbox,vansicr@mailbox}}}
You would create an LDAP entry like:
{{{
dn: cn=amass,ou=Aliases,ou=unix,dc=willeke,dc=com
mgrpRFC822mailmember: bestj@mailbox
mgrpRFC822mailmember: titschr@mailbox
mgrpRFC822mailmember: gayhead@mailbox
mgrpRFC822mailmember: vansicr@mailbox
mail: amass
objectClass: mailGroup
objectClass: groupOfNames
objectClass: Top
cn: amass
}}}
[Aliases File Format|AliasesFileFormat]
[Original mailGroup schema from Netscape|Original Mailgroup Schema From Netscape] Note that only cn, mgrpRFC822mailmember and mail are used from the original objectClass.
!!![solarisProject]
For an entry from a NIS makefile similar to:
{{{dcdi01p01:1001:king:oracle::project.cpu-shares=(privileged,30,none)}}}
You would create an Entry like:
{{{
dn: SolarisProjectName=dcdi01p01,ou=Projects,ou=unix,dc=willeke,dc=com
SolarisProjectName: dcdi01p01
SolarisProjectID: 1001
SolarisProjectAttr: project.cpu-shares=(privileged,30,none)
memberUid: oracle
objectClass: SolarisProject
objectClass: Top
description: king
}}}
!!![Automount|LDAP schema used by autofs]
The following shows an [example] of a direct AutoFS map, auto_direct, stored in the LDAP directory server using the new (RFC 2307bis) automount schema:
{{{
dn: automountMapName=auto_direct,dc=nishpind
objectClass: top
objectClass: automountMap
automountMapName: auto_direct

dn: automountKey=/mnt_direct/test1,automountMapName=auto_direct,dc=nishpind
objectClass: top
objectClass: automount
automountInformation: hostA:/tmp
automountKey: /mnt_direct/test1

dn: automountKey=/mnt_direct/test2,automountMapName=auto_direct,dc=nishpind
objectClass: top
objectClass: automount
automountInformation: hostB:/tmp
automountKey: /mnt_direct/test2
}}}
Automounts become a DIT structure similar to:
{{{
dc=com
|--dc=willeke
|---ou=Unix
|----automountMapName=auto_direct
|-----automountKey=/mnt_direct/test1
|-----automountKey=/mnt_direct/test2
}}}
!!!Printers
Includes [RFC-3712 and SUN-Printer Schema|RFC3712PrinterSchema].
This one does not seem to work the way we expected, given a map similar to:
{{{
dn: printer-uri=myprinter
objectclass=top
objectclass=printerService
objectclass=printerAbstract
objectclass=sunPrinter
printer-name=myprinter
sun-printer-bsdaddr=printsvr.example.com,myprinter,Solaris
sun-printer-kvp=description=HP LaserJet (PS)
printer-uri=myprinter
}}}
For printer aliases, you need to add "objectClass=printerLPR" and create an entry like:
{{{
dn: printer-uri=myprinterAlias
objectclass=top
objectclass=printerService
objectclass=printerAbstract
objectclass=sunPrinter
objectClass=printerLPR
printer-name=myprinterAlias
printer-aliases=myprinterAlias
sun-printer-kvp=use=myprinter
printer-uri=myprinterAlias
}}}
!!![profile|DUAConfigProfile]
{{{
dn: cn=default,ou=profile,ou=unix,dc=willeke,dc=com
serviceSearchDescriptor: passwd:ou=people,dc=willeke,dc=com?sub
serviceSearchDescriptor: group:ou=Groups,dc=willeke,dc=com?one
serviceSearchDescriptor: netgroup:ou=Netgroups,ou=unix,dc=willeke,dc=com?one
serviceSearchDescriptor: sudoers:ou=Sudoers,ou=unix,dc=willeke,dc=com?one
defaultSearchScope: one
objectclassMap: passwd:posixAccount=posixAccount
objectclassMap: group:posixGroup=posixGroup
objectclassMap: sudoers:sudoRole=sudoRole
objectclassMap: netgroup:nisNetgroup=nisNetgroup
credentialLevel: proxy
profileTTL: 3000
authenticationMethod: tls:simple
followReferrals: FALSE
bindTimeLimit: 10
preferredServerList: XXX.XXX.XXX.XXX YYY.YYY.YYY.YYY
defaultSearchBase: ou=unix,dc=willeke,dc=com
defaultServerList: XXX.XXX.XXX.XXX YYY.YYY.YYY.YYY
searchTimeLimit: 30
objectClass: Top
objectClass: DUAConfigProfile
cn: default
}}}
!!!ypservers
Used only by the N2L Product and NIS Servers.
{{{
dn: cn=nis-new,ou=ypservers,ou=Unix,dc=example,dc=com
objectClass: Device
objectClass: Top
cn: nis-new
}}}
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]