Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com
Answertopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP)
Previous Next

Mapping NIS+ Objects Other Than Table Entries

You can store NIS+ objects other than table entries in LDAP. However, doing so has no particular value unless you also have NIS+ replicas that obtain those NIS+ objects from LDAP. The recommended choices are the following.

  • There are no replicas, or the replicas obtain their data from the NIS+ master only.

    Edit the mapping configuration file (see NIS+LDAPmapping(4)) to remove the following attribute values for all non-table-entry objects.

    nisplusLDAPdatabaseIdMapping
    nisplusLDAPentryTtl
    nisplusLDAPobjectDN

    For example, if you started out from the /var/nis/NIS+LDAPmapping.template file, the sections you need to remove (or disable by commenting) are as follows.

    # Standard NIS+ directories
    nisplusLDAPdatabaseIdMapping    basedir:
    .
    .
    .
    nisplusLDAPdatabaseIdMapping    user_attr_table:user_attr.org_dir
    nisplusLDAPdatabaseIdMapping     audit_user_table:audit_user.org_dir
    
    # Standard NIS+ directories
    nisplusLDAPentryTtl             basedir:21600:43200:43200
    .
    .
    .
    nisplusLDAPentryTtl    user_attr_table:21600:43200:43200
    nisplusLDAPentryTtl    audit_user_table:21600:43200:43200
    
    # Standard NIS+ directories
    nisplusLDAPobjectDN    basedir:cn=basedir,ou=nisPlus,?base?\
           objectClass=nisplusObjectContainer:\
           cn=basedir,ou=nisPlus,?base?\
           objectClass=nisplusObjectContainer,\
           objectClass=top
    .
    .
    .
    nisplusLDAPobjectDN    audit_user_table:cn=audit_user,ou=nisPlus,?base?\
           objectClass=nisplusObjectContainer:\
           cn=audit_user,ou=nisPlus,?base?\
           objectClass=nisplusObjectContainer,\
           objectClass=top
  • NIS+ replicas obtain their data from LDAP server.

    Create the nisplusObject attribute and nisplusObjectContainer object class as shown in the following example (LDIF data is suitable for ldapadd(1). Attribute and object class OIDs are for illustration only.)

    dn: cn=schema
    changetype: modify
    add: attributetypes
    attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.1.0 NAME 'nisplusObject'
           DESC 'An opaque representation of an NIS+ object'
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE )
    dn: cn=schema
    changetype: modify
    add: objectclasses
    objectclasses: (1.3.6.1.4.1.42.2.27.5.42.42.2.0 NAME'nisplusObjectContainer'
    SUP top STRUCTURAL DESC 'Abstraction of an NIS+ object'
    MUST ( cn $ nisplusObject ) )

    You also need to create a container for the NIS+ objects. The following LDIF syntax shows how to create the ou=nisPlus,dc=some,dc=domain container, and can be used as input to ldapadd(1).

    dn: ou=nisPlus,dc=some,dc=domain
    ou: nisPlus
    objectClass: top
    objectClass: organizationalUnit
Previous Next

 
 
  Published under the terms fo the Public Documentation License Version 1.01. Design by Interspire