!!! Overview
We know [LDAP], but [NIS] and all the different ways that NIS maps are implemented were confusing. The data presented here is based on a "real" implementation: it is what we found was needed to make [LDAP] return the same values that the [NIS] servers presented to clients.
Use with caution, as your mileage may vary (well, your [NIS] may vary).
Keep in mind the different [LDAP schema used by autofs].
!!!passwd and shadow
Typical location in LDAP: ou=people or ou=users
Map Format:
{{{loginname:password:uidNumber:defaultgidNumber:gecos:homeDirectory:loginShell}}}
Example map entry:
{{{jwilleke:x:52658:280:Jim Willeke, 213-449-7111:/home/jwilleke:/usr/bin/ksh}}}
LDAP entry would be:
{{{
dn: uid=user1,ou=People,dc=willeke,dc=com
uid: user1
cn: user1
uidnumber: 199995
gidnumber: 20
gecos: Joe Smith [New York]
homedirectory: /home/user1
loginshell: /bin/csh
objectclass: top
objectclass: shadowAccount
objectclass: account
objectclass: posixAccount
objectclass: nisKeyObject
objectclass: inetOrgPerson
}}}
!!!passwd and publickey
Typical location in LDAP: ou=people or ou=users
Map Format:
{{{name publickey:encryptedPrivateKey}}}
Example map entry:
{{{nobody 9cc01614d929848849add28d090acdaa1c78270aeec969c9:9999999998769c999c39e7a6ed4e7afd687d4b99908b4de99}}}
LDAP entry would be:
{{{
dn: uid=nobody,ou=People,dc=willeke,dc=com
uid: nobody
cn: nobody
uidnumber: 199995
gidnumber: 20
gecos: nobody
homedirectory: /home/nobody
loginshell: /bin/csh
nisPublicKey: 9cc01614d929848849add28d090acdaa1c78270aeec969c9
nisSecretKey: 9999999998769c999c39e7a6ed4e7afd687d4b99908b4de99
objectclass: top
objectclass: shadowAccount
objectclass: account
objectclass: posixAccount
objectclass: nisKeyObject
objectclass: inetOrgPerson
}}}
!!![group|posixGroup]
Typical location in LDAP: ou=group
Map Format:
{{{groupname:*:gidNumber:memberUid,memberUid,memberUid}}}
Example map entry:
{{{mygroup:*:441:user1,user2,user3}}}
LDAP entry would be:
{{{
dn: cn=mygroup,ou=Group,ou=unix,dc=willeke,dc=com
cn: mygroup
gidnumber: 4441
memberuid: user1
memberuid: user2
memberuid: user3
objectclass: top
objectclass: posixGroup
}}}
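The passwd and group mappings above, as an added example (not code from the original page): it converts one map line into LDIF with the page's attribute names. The naming policy in NAME_RE, the container defaults and the reduced object class list are assumptions; the password field is not carried over, as in the page's entry.

```python
import base64
import re

BASE = "dc=willeke,dc=com"                      # suffix from the page's examples
NAME_RE = re.compile(r"[A-Za-z0-9_][A-Za-z0-9._-]*\Z")   # assumed naming policy
SAFE_RE = re.compile(r"[\x21-\x39\x3b\x3d-\x7e][\x20-\x7e]*\Z")


def ldif(dn, attrs):
    """Render one entry; values that are not LDIF-safe are base64-encoded."""
    out = [f"dn: {dn}"]
    for name, value in attrs:
        if SAFE_RE.match(value) and not value.endswith(" "):
            out.append(f"{name}: {value}")
        else:
            out.append(f"{name}:: {base64.b64encode(value.encode()).decode()}")
    return "\n".join(out) + "\n"


def split_map_line(line, count, numeric, what):
    fields = line.rstrip("\n").split(":")
    if len(fields) != count:
        raise ValueError(f"{what}: expected {count} fields, got {len(fields)}")
    if not NAME_RE.match(fields[0]):            # the name is placed in the DN
        raise ValueError(f"{what}: unsafe name {fields[0]!r}")
    for i in numeric:
        if not (fields[i].isascii() and fields[i].isdigit()):
            raise ValueError(f"{what}: field {i + 1} must be numeric")
    return fields


def passwd_to_ldif(line, container="ou=People"):
    login, _pw, uid, gid, gecos, home, shell = split_map_line(line, 7, (2, 3), "passwd")
    if not home:
        raise ValueError("passwd: homeDirectory is required by posixAccount")
    attrs = [("uid", login), ("cn", login), ("uidnumber", uid), ("gidnumber", gid),
             ("gecos", gecos), ("homedirectory", home), ("loginshell", shell)]
    attrs = [(k, v) for k, v in attrs if v]     # gecos and shell may be empty
    # nisKeyObject/inetOrgPerson omitted: they need attributes a passwd line lacks.
    attrs += [("objectclass", c) for c in ("top", "shadowAccount", "account", "posixAccount")]
    return ldif(f"uid={login},{container},{BASE}", attrs)


def group_to_ldif(line, container="ou=Group,ou=unix"):
    name, _pw, gid, members = split_map_line(line, 4, (2,), "group")
    attrs = [("cn", name), ("gidnumber", gid)]
    attrs += [("memberuid", m) for m in members.split(",") if m]
    attrs += [("objectclass", "top"), ("objectclass", "posixGroup")]
    return ldif(f"cn={name},{container},{BASE}", attrs)
```

Names containing DN-special characters such as "," or "+" are rejected rather than escaped, so a malformed map line cannot change where the entry lands in the tree.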
!!!services
{{{
dn: cn=name+ipServiceProtocol=udp,ou=Services,ou=unix,dc=willeke,dc=com
cn: name
cn: nameserver
ipserviceprotocol: udp
ipserviceport: 42
objectclass: top
objectclass: ipService
}}}
!!! [netgroup]
Typical location in LDAP: ou=netgroup
Map Format:
Example map entry:
LDAP entry would be:
{{{
dn: cn=mynetgroup,ou=netgroup,dc=central,dc=sun,dc=com
objectclass: nisNetgroup
objectclass: top
cn: mynetgroup
nisnetgrouptriple: (user1..mydc.mycom.com,-,)
nisnetgrouptriple: (user1.,-,)
membernisnetgroup: mylab
}}}
!!!hosts and publickey
Typical location in LDAP: ou=hosts
Map Format:
{{{IP-address official-host-name nickname1 nickname2 nicknames...}}}
Example map entry:
{{{200.20.20.99 myhost jimshost # host 1 - floor 1 - Lab a - building b}}}
LDAP entry would be:
{{{
dn: cn=myhost+ipHostNumber=200.20.20.99,ou=Hosts,ou=unix,dc=willeke,dc=com
cn: myhost
cn: jimshost
iphostnumber: 200.20.20.99
description: host 1 - floor 1 - Lab a - building b
nispublickey: 9cc01614d929848849add28d090acdaa1c78270aeec969c9
nissecretkey: 9999999998769c999c39e7a6ed4e7afd687d4b99908b4de99
objectclass: top
objectclass: NisKeyObject (AUX)
objectclass: device
objectclass: ipHost (AUX)
}}}
!!!networks and netmasks
Typical location in LDAP: ou=networks
Map Format:
Example map entry:
{{{anoc-1 129.230 anoc-1}}}
LDAP entry would be:
{{{
dn: ipNetworkNumber=129.230,ou=Networks,ou=unix,dc=willeke,dc=com
cn: anoc-1
ipnetworknumber: 129.230
objectclass: top
objectclass: ipNetwork
description: your Lab Network
ipnetmasknumber: 255.255.255.0
}}}
Example map entry:
{{{200.20.20.0 255.255.255.0}}}
LDAP entry would be:
{{{
dn: ipNetworkNumber=200.20.20.0,ou=Networks,ou=unix,dc=willeke,dc=com
cn: 200-20-20
ipnetworknumber: 200.20.20.0
objectclass: top
objectclass: ipNetwork
description: my Lab Network
ipnetmasknumber: 255.255.255.0
}}}
Example 2:
Example map entry:
{{{129.144 255.255.255.0}}}
LDAP entry would be:
{{{
dn: ipNetworkNumber=129.144,ou=Networks,ou=unix,dc=willeke,dc=com
cn: 129.144
ipnetworknumber: 129.144
objectclass: top
objectclass: ipNetwork
description: your Lab Network
ipnetmasknumber: 255.255.255.0
}}}
Example 3:
Example map entry:
{{{arpanet 10 arpa # Historical}}}
LDAP entry would be:
{{{
dn: ipNetworkNumber=10,ou=Networks,ou=unix,dc=willeke,dc=com
cn: arpanet
cn: arpa
ipnetworknumber: 10
objectclass: top
objectclass: ipNetwork
description: Historical
ipnetmasknumber: 255.0.0.0
}}}
!!!rpc
Typical location in LDAP: ou=rpc
Map Format:
Example map entry:
{{{logger 100102 na.logger # SunNet Manager}}}
LDAP entry would be:
{{{
dn: cn=logger,ou=Rpc,ou=unix,dc=willeke,dc=com
cn: logger
cn: na.logger
oncrpcnumber: 100102
description: SunNet Manager
objectclass: top
objectclass: oncRpc
}}}
!!!protocols
Typical location in LDAP: ou=networks
Map Format:
Example map entry:
{{{
ipv6 41 IPv6 # IPv6 in IP encapsulation
}}}
LDAP entry would be:
{{{
dn: cn=ipv6,ou=Protocols,ou=unix,dc=willeke,dc=com
cn: IPv6
ipprotocolnumber: 41
description: IPv6 in IP encapsulation
description: transmission control protocol
objectclass: top
objectclass: ipProtocol
}}}
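The hosts, networks, rpc and protocols maps above share one shape (whitespace-separated fields with an optional # comment), so one table-driven converter covers all four. This is an added example, not code from the original page; the MAPS table, the alias-name pattern and the assumption that comments are plain ASCII are mine, while DNs and attribute names follow the page's entries.

```python
import ipaddress
import re

BASE = "ou=unix,dc=willeke,dc=com"   # suffix used in the page's DNs
# map name -> (container, number attribute, object classes, number syntax)
MAPS = {
    "hosts": ("ou=Hosts", "iphostnumber", ("top", "device", "ipHost"), None),
    "networks": ("ou=Networks", "ipnetworknumber", ("top", "ipNetwork"), r"\d{1,3}(\.\d{1,3}){0,3}"),
    "rpc": ("ou=Rpc", "oncrpcnumber", ("top", "oncRpc"), r"\d+"),
    "protocols": ("ou=Protocols", "ipprotocolnumber", ("top", "ipProtocol"), r"\d+"),
}


def map_line_to_ldif(map_name, line):
    """Return LDIF for one map line, or None for a blank or comment-only line."""
    container, num_attr, classes, syntax = MAPS[map_name]
    body, _, comment = line.partition("#")
    tokens = body.split()
    if not tokens:
        return None
    if len(tokens) < 2:
        raise ValueError(f"{map_name}: need a name and a number: {line!r}")
    if map_name == "hosts":                      # address first, then names
        number, names = tokens[0], tokens[1:]
        ipaddress.ip_address(number)             # raises ValueError if malformed
    else:                                        # official name first, then number
        number, names = tokens[1], [tokens[0]] + tokens[2:]
        if not re.fullmatch(syntax, number, re.ASCII):
            raise ValueError(f"{map_name}: bad number {number!r}")
    if not all(re.fullmatch(r"[A-Za-z0-9._-]+", n) for n in names):
        raise ValueError(f"{map_name}: name not safe to place in a DN: {names!r}")
    # cn matches case-insensitively, so "ipv6 ... IPv6" is one value, not two;
    # sending both would be rejected as a duplicate attribute value.
    unique = []
    for n in names:
        if n.lower() not in (u.lower() for u in unique):
            unique.append(n)
    rdn = {"hosts": f"cn={names[0]}+ipHostNumber={number}",
           "networks": f"ipNetworkNumber={number}"}.get(map_name, f"cn={names[0]}")
    out = [f"dn: {rdn},{container},{BASE}"]
    out += [f"cn: {n}" for n in unique] + [f"{num_attr}: {number}"]
    if comment.strip():                          # assumes a plain ASCII comment
        out.append(f"description: {comment.strip()}")
    out += [f"objectclass: {c}" for c in classes]
    return "\n".join(out) + "\n"
```

The networks map carries no netmask, so ipnetmasknumber still has to come from the netmasks map as shown in that section.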
!!!ethers and bootparams
Typical location in LDAP: ou=ethers
Example map entry (ethers):
{{{8:1:21:71:31:c1 myhost}}}
Example map entry (bootparams):
{{{myhost root=boothost:/export/a/b/c/d/e}}}
LDAP entry would be:
{{{
dn: cn=myhost,ou=Ethers,ou=unix,dc=willeke,dc=com
macaddress: 8:1:21:71:31:c1
bootparameter: root=boothost:/export/a/b/c/d/e
objectclass: top
objectclass: device
objectclass: ieee802Device (AUX)
objectclass: bootableDevice (AUX)
cn: myhost
}}}
!!!publickey
{{{
dn: cn=myhost+ipHostNumber=200.20.20.99,ou=Hosts,ou=unix,dc=willeke,dc=com
cn: myhost
iphostnumber: 200.20.20.99
description: Joe Smith
nispublickey: 9cc01614d929848849add28d090acdaa1c78270aeec969c9
nissecretkey: 9999999998769c999c39e7a6ed4e7afd687d4b99908b4de99
objectclass: top
objectclass: NisKeyObject
objectclass: device
objectclass: ipHost
}}}
!!!aliases
For an entry from a NIS makefile similar to:
{{{amass: bestj@mailbox,titschr@mailbox,gayhead@mailbox,vansicr@mailbox}}}
You would create an LDAP entry like:
{{{
dn: cn=amass,ou=Aliases,ou=unix,dc=willeke,dc=com
mgrpRFC822mailmember: bestj@mailbox
mgrpRFC822mailmember: titschr@mailbox
mgrpRFC822mailmember: gayhead@mailbox
mgrpRFC822mailmember: vansicr@mailbox
mail: amass
objectClass: mailGroup
objectClass: groupOfNames
objectClass: Top
cn: amass
}}}
[Aliases File Format|AliasesFileFormat]
[Original mailGroup schema from NetScape|Original Mailgroup Schema From Netscape] Note that only cn, mgrpRFC822mailmember and mail are used from the original objectClass.
!!![solarisProject]
For an entry from a NIS makefile similar to:
{{{dcdi01p01:1001:king:oracle::project.cpu-shares=(privileged,30,none)}}}
You would create an Entry like:
{{{
dn: SolarisProjectName=dcdi01p01,ou=Projects,ou=unix,dc=willeke,dc=com
SolarisProjectName: dcdi01p01
SolarisProjectID: 1001
SolarisProjectAttr: project.cpu-shares=(privileged,30,none)
memberUid: oracle
objectClass: SolarisProject
objectClass: Top
description: king
}}}
!!![Automount|LDAP schema used by autofs]
The following shows an [example] of a direct AutoFS map, auto_direct, stored in the LDAP directory server using new (rfc-2307bis) automount schema:
{{{
dn: automountMapName=auto_direct,dc=nishpind
objectClass: top
objectClass: automountMap
automountMapName: auto_direct

dn: automountKey=/mnt_direct/test1,automountMapName=auto_direct,dc=nishpind
objectClass: top
objectClass: automount
automountInformation: hostA:/tmp
automountKey: /mnt_direct/test1

dn: automountKey=/mnt_direct/test2,automountMapName=auto_direct,dc=nishpind
objectClass: top
objectClass: automount
automountInformation: hostB:/tmp
automountKey: /mnt_direct/test2
}}}
Automounts become a DIT structure similar to:
{{{
dc=com
|--dc=willeke
|---ou=Unix
|----automountMapName=auto_direct
|-----automountKey=/mnt_direct/test1
|-----automountKey=/mnt_direct/test2
}}}
!!!Printers
Includes [RFC-3712 and SUN-Printer Schema|RFC3712PrinterSchema].
This one does not seem to work the way we expected. Given a map similar to:
{{{
dn: printer-uri=myprinter
objectclass: top
objectclass: printerService
objectclass: printerAbstract
objectclass: sunPrinter
printer-name: myprinter
sun-printer-bsdaddr: printsvr.example.com,myprinter,Solaris
sun-printer-kvp: description=HP LaserJet (PS)
printer-uri: myprinter
}}}
For printer aliases, you need to add the printerLPR objectClass and create an entry like:
{{{
dn: printer-uri=myprinterAlias
objectclass: top
objectclass: printerService
objectclass: printerAbstract
objectclass: sunPrinter
objectClass: printerLPR
printer-name: myprinterAlias
printer-aliases: myprinterAlias
sun-printer-kvp: use=myprinter
printer-uri: myprinterAlias
}}}
!!![profile|DUAConfigProfile]
{{{
dn: cn=default,ou=profile,ou=unix,dc=willeke,dc=com
serviceSearchDescriptor: passwd:ou=people,dc=willeke,dc=com?sub
serviceSearchDescriptor: group:ou=Groups,dc=willeke,dc=com?one
serviceSearchDescriptor: netgroup:ou=Netgroups,ou=unix,dc=willeke,dc=com?one
serviceSearchDescriptor: sudoers:ou=Sudoers,ou=unix,dc=willeke,dc=com?one
defaultSearchScope: one
objectclassMap: passwd:posixAccount=posixAccount
objectclassMap: group:posixGroup=posixGroup
objectclassMap: sudoers:sudoRole=sudoRole
objectclassMap: netgroup:nisNetgroup=nisNetgroup
credentialLevel: proxy
profileTTL: 3000
authenticationMethod: tls:simple
followReferrals: FALSE
bindTimeLimit: 10
preferredServerList: XXX.XXX.XXX.XXX YYY.YYY.YYY.YYY
defaultSearchBase: ou=unix,dc=willeke,dc=com
defaultServerList: XXX.XXX.XXX.XXX YYY.YYY.YYY.YYY
searchTimeLimit: 30
objectClass: Top
objectClass: DUAConfigProfile
cn: default
}}}
!!!ypservers
Used only by the N2L Product and NIS Servers.
{{{
dn: cn=nis-new,ou=ypservers,ou=Unix,dc=example,dc=com
objectClass: Device
objectClass: Top
cn: nis-new
}}}