Reverting to NIS
A site that has transitioned from NIS to LDAP using the N2L
service is expected to gradually replace all NIS clients with Solaris LDAP naming services
clients. Support for NIS clients eventually becomes redundant. However, if required, the N2L
service provides two ways to return to traditional NIS, as explained in the
next two procedures.
Tip - Traditional NIS ignores the N2L versions of the NIS maps if those maps
are present. After reverting to NIS, if you leave the N2L versions
of the maps on the server, the N2L maps do not cause problems.
Therefore, it might be useful to keep the N2L maps in case you
later decide to re-enable N2L. However, the maps do take up disk space.
How to Revert to Maps Based on Old Source Files
- Become superuser or assume an equivalent role.
Roles contain authorizations and privileged commands. For more information about roles, see Chapter 9, Using Role-Based Access Control (Tasks), in System Administration Guide: Security Services.
- Stop the NIS daemons.
# svcadm disable network/nis/server:default
- Disable N2L.
This command backs up and moves the N2L mapping file.
# mv /var/yp/NISLDAPmapping backup_filename
- Set the NOPUSH environment variable so the new maps are not pushed by
ypmake.
# NOPUSH=1
- Make a new set of NIS maps that are based on the old
sources.
# cd /var/yp
# make
- (Optional) Remove N2L versions of the NIS maps.
# rm /var/yp/domainname/LDAP_*
- Start the NIS daemons.
# svcadm enable network/nis/server:default
How to Revert to Maps Based on Current DIT Contents
Back up the old NIS source files before performing this procedure.
- Become superuser or assume an equivalent role.
Roles contain authorizations and privileged commands. For more information about roles, see Chapter 9, Using Role-Based Access Control (Tasks), in System Administration Guide: Security Services.
- Stop the NIS daemons.
# svcadm disable network/nis/server:default
- Update the maps from the DIT.
# ypserv -r
Wait for ypserv to exit.
- Disable N2L.
This command backs up and moves the N2L mapping file.
# mv /var/yp/NISLDAPmapping backup_filename
- Regenerate the NIS source files.
# ypmap2src
- Manually check that regenerated NIS source files have the correct content and structure.
- Move the regenerated NIS source files to the appropriate directories.
- (Optional) Remove the N2L versions of the mapping files.
# rm /var/yp/domainname/LDAP_*
- Start the NIS daemons.
# svcadm enable network/nis/server:default