NIS to LDAP example



Revision as of 21:49, 12 December 2007

In this example, I bind a Solaris 8 NIS client to a Solaris 10 DSEE 6.2 LDAP server and convert the following NIS maps to LDAP databases:

  • passwd
  • group
  • auto_master
  • auto_pra and auto_soft, two non-standard automount maps


Save the NIS maps as text files

Save the NIS maps as text files before binding the client to the LDAP server. As soon as you use ldapclient to bind to an LDAP server, /etc/nsswitch.ldap is copied over /etc/nsswitch.conf and your NIS client is stopped.

On the NIS client:

$ ypcat passwd > /tmp/nis_passwd_map
$ ypcat group > /tmp/nis_group_map
$ ypcat -k auto_master > /tmp/nis_auto_master_map
$ ypcat -k auto_pra > /tmp/nis_auto_pra_map
$ ypcat -k auto_soft > /tmp/nis_auto_soft_map

Bind the NIS client to the LDAP domain


# ldapclient -P simple -d -D cn=proxyagent,ou=profile,dc=subdomain,dc=example,dc=com LDAP_server_IP
System successfully configured

Create the LDAP databases

Perform these steps on the LDAP client.


# ldapaddent -a simple -p -D "cn=Directory Manager" -h LDAP_server_IP -f /tmp/nis_passwd_map passwd
Enter password:
382 entries added


# ldapaddent -a simple -D "cn=Directory Manager" -h LDAP_server_IP -f /tmp/nis_group_map group
Enter password:
29 entries added


auto_master NIS map:

/vol.soft auto_soft             -rw,intr,soft,timeo=7,retrans=9,noquota,vers=2,proto=udp
/vol.pra auto_pra               -rw,intr,soft,timeo=7,retrans=9,noquota,vers=2,proto=udp

Corresponding auto_master LDAP database (e.g., /tmp/auto_master.ldif):

dn: automountkey=/vol.pra,automountMapName=auto_master,dc=subdomain,dc=example,dc=com
automountInformation: auto_pra -rw,intr,soft,timeo=7,retrans=9,noquota,vers=2,proto=udp
objectClass: top
objectClass: automount
automountKey: /vol.pra

dn: automountkey=/vol.soft,automountMapName=auto_master,dc=subdomain,dc=example,dc=com
automountInformation: auto_soft -rw,intr,soft,timeo=7,retrans=9,noquota,vers=2,proto=udp
objectClass: top
objectClass: automount
automountKey: /vol.soft

# ldapmodify -a -D "cn=Directory Manager" -h LDAP_server_IP -f /tmp/auto_master.ldif


Before we can populate the non-standard auto_pra and auto_soft automounter maps, we have to create an automountMap entry for each of them.


dn: automountMapName=auto_soft,dc=subdomain,dc=example,dc=com
automountMapName: auto_soft
objectClass: top
objectClass: automountMap

dn: automountMapName=auto_pra,dc=subdomain,dc=example,dc=com
automountMapName: auto_pra
objectClass: top
objectClass: automountMap


auto_pra NIS map:

mh-cx-pra-areas nvpmmnf604:/vol/pra_mh_citrix/mh-cx-pra-areas
pra nvpmmnf604:/vol/pra_mh_citrix/mh-cx-pra/pra

Corresponding auto_pra LDAP database (e.g., /tmp/auto_pra.ldif):

dn: automountkey=pra, automountmapname=auto_pra,dc=subdomain,dc=example,dc=com
automountKey: pra
objectClass: top
objectClass: automount
automountInformation: nvpmmnf604:/vol/pra_mh_citrix/mh-cx-pra/pra

dn: automountkey=mh-cx-pra-areas, automountmapname=auto_pra,dc=subdomain,dc=example,dc=com
automountKey: mh-cx-pra-areas
objectClass: top
objectClass: automount
automountInformation: nvpmmnf604:/vol/pra_mh_citrix/mh-cx-pra-areas

# ldapmodify -a -D "cn=Directory Manager" -h LDAP_server_IP -f /tmp/auto_pra.ldif


auto_soft NIS map:

sybase nvpmmnf604:/vol/pra_mh_citrix/mh-cx-pra/soft/sybase
remedy nvpmmnf604:/vol/pra_mh_citrix/mh-cx-pra/soft/remedy32
local nvpmmnf604:/vol/pra_mh_citrix/mh-cx-pra/local
soft nvpmmnf604:/vol/pra_mh_citrix/mh-cx-pra/soft

Corresponding auto_soft LDAP database (e.g., /tmp/auto_soft.ldif):

dn: automountkey=remedy, automountmapname=auto_soft,dc=subdomain,dc=example,dc=com
automountKey: remedy
objectClass: top
objectClass: automount
automountInformation: nvpmmnf604:/vol/pra_mh_citrix/mh-cx-pra/soft/remedy32

dn: automountkey=local, automountmapname=auto_soft,dc=subdomain,dc=example,dc=com
automountKey: local
objectClass: top
objectClass: automount
automountInformation: nvpmmnf604:/vol/pra_mh_citrix/mh-cx-pra/local

dn: automountkey=soft, automountmapname=auto_soft,dc=subdomain,dc=example,dc=com
automountKey: soft
objectClass: top
objectClass: automount
automountInformation: nvpmmnf604:/vol/pra_mh_citrix/mh-cx-pra/soft

dn: automountkey=sybase, automountmapname=auto_soft,dc=subdomain,dc=example,dc=com
automountKey: sybase
objectClass: top
objectClass: automount
automountInformation: nvpmmnf604:/vol/pra_mh_citrix/mh-cx-pra/soft/sybase

# ldapmodify -a -D "cn=Directory Manager" -h LDAP_server_IP -f /tmp/auto_soft.ldif
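
The hand conversion of the automount maps above can be scripted. The following is an added example, not part of the original page: it generalizes the three conversions into one function that reads ypcat -k output and writes LDIF in the entry layout shown above. The function name nis_automap_to_ldif and its optional "new" argument are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original page): turn `ypcat -k MAP` output
# into LDIF suitable for `ldapmodify -a`.
# Usage: nis_automap_to_ldif MAP BASEDN [new] < /tmp/nis_MAP_map > /tmp/MAP.ldif
#   "new" also emits the automountMap entry needed for a non-standard map.
nis_automap_to_ldif() {
    awk -v map="$1" -v base="$2" -v mode="${3:-}" '
    BEGIN {
        if (mode == "new") {
            printf "dn: automountMapName=%s,%s\n", map, base
            printf "automountMapName: %s\nobjectClass: top\n", map
            printf "objectClass: automountMap\n\n"
        }
    }
    NF == 0 || $1 ~ /^#/ { next }       # skip blank lines and comments
    {
        key = $1
        info = ""
        # Join the remaining fields with single spaces, as in the LDIF above.
        for (i = 2; i <= NF; i++) info = (i == 2) ? $i : info " " $i
        # Fail closed: a key holding DN metacharacters would change the DN,
        # and a value starting with ":" or "<" would be read by LDIF as
        # base64 or a URL reference. Report the line instead of guessing.
        if (key ~ /[,+"\\<>;=]/ || info == "" || info ~ /^[:<]/) {
            printf "line %d skipped: %s\n", NR, $0 > "/dev/stderr"
            bad = 1
            next
        }
        printf "dn: automountKey=%s,automountMapName=%s,%s\n", key, map, base
        printf "automountKey: %s\nobjectClass: top\n", key
        printf "objectClass: automount\nautomountInformation: %s\n\n", info
    }
    END { exit bad + 0 }                # non-zero if any line was skipped
    '
}
```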

Configure the name service switch on the LDAP client

Running ldapclient to initialize the LDAP client overwrites /etc/nsswitch.conf with /etc/nsswitch.ldap. The resulting /etc/nsswitch.conf will likely have to be modified, because it does not use DNS when looking up hostnames and references local files only when LDAP is not available.
