System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP)

client_info and timezone Tables (NIS+ to LDAP)

Because RFC 2307 does not provide schemas for the information kept in the NIS+ client_info.org_dir and timezone.org_dir tables, mapping of these tables is not enabled by default in the template mapping file (/var/nis/NIS+LDAPmapping.template). If you want to keep the client_info and timezone information in LDAP, consult your LDAP server documentation, and create the new attributes and object classes discussed in the following sections.

client_info Attributes and Object Class

Create attributes and object class as below, and then create the container for the client_info data. The suggested container name is ou=ClientInfo. LDIF data is for ldapadd(1). The attribute and object class OIDs used in the following are examples only.

dn: cn=schema
changetype: modify
add: attributetypes
attributetypes:    ( 1.3.6.1.4.1.42.2.27.5.42.42.12.0 \
    NAME 'nisplusClientInfoAttr' \
    DESC 'NIS+ client_info table client column' \
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributetypes:    ( 1.3.6.1.4.1.42.2.27.5.42.42.12.1 \
    NAME 'nisplusClientInfoInfo' \
    DESC 'NIS+ client_info table info column' \
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributetypes:    ( 1.3.6.1.4.1.42.2.27.5.42.42.12.2 \
    NAME 'nisplusClientInfoFlags' \
    DESC 'NIS+ client_info table flags column' \
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

dn: cn=schema
changetype: modify
add: objectclasses
objectclasses:    ( 1.3.6.1.4.1.42.2.27.5.42.42.13.0 \
    NAME 'nisplusClientInfoData' \
    DESC 'NIS+ client_info table data' \
    SUP top STRUCTURAL MUST ( cn ) \
    MAY ( nisplusClientInfoAttr $ nisplusClientInfoInfo $ nisplusClientInfoFlags ) )

To create the container, put the following LDIF data in a file. Substitute your actual search base for searchBase.

dn: ou=ClientInfo, searchBase
objectClass: organizationalUnit
ou: ClientInfo
objectClass: top

Use the above file as input to the ldapadd command in order to create the ou=ClientInfo container. For example, if your LDAP administrator DN is cn=directory manager, and the file with the LDIF data is called cifile, do the following.

# ldapadd -D cn="directory manager" -f cifile

Depending on the authentication required, the ldapadd command might prompt for a password.

The /var/nis/NIS+LDAPmapping.template file contains commented-out definitions for the client_info.org_dir table. Copy these to the actual mapping file, enable by removing the comment character '#', and restart the rpc.nisd daemon.

# svcadm restart network/rpc/nisplus:default

If necessary, synchronize NIS+ and LDAP data as described in NIS+ to LDAP Migration Scenarios.

timezone Attributes and Object Class

Create attributes and object class as below, and then create the container for the timezone data. The suggested container name is ou=Timezone. (The LDIF data is suitable for ldapadd(1). Attribute and object class OIDs are examples only.)

dn: cn=schema
changetype: modify
add: attributetypes
attributetypes:    ( 1.3.6.1.4.1.42.2.27.5.42.42.15.0 NAME 'nisplusTimeZone' \
          DESC 'tzone column from NIS+ timezone table' \
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

dn: cn=schema
changetype: modify
add: objectclasses
objectclasses:    ( 1.3.6.1.4.1.42.2.27.5.42.42.16.0 NAME 'nisplusTimeZoneData' \
          DESC 'NIS+ timezone table data' \
          SUP top STRUCTURAL MUST ( cn ) \
          MAY ( nisplusTimeZone $ description ) )

To create the ou=Timezone container, put the following LDIF data in a file. Substitute your actual search base for searchBase.

dn: ou=Timezone,searchBase
ou: Timezone
objectClass: top
objectClass: organizationalUnit

Use the above file as input to ldapadd(1) in order to create the ou=Timezone container. For example, if your LDAP administrator DN is cn=directory manager, and the file with the LDIF data is called tzfile, do the following.

# ldapadd -D cn="directory manager" -f tzfile

Depending on the authentication required, the ldapadd command might prompt for a password.

The /var/nis/NIS+LDAPmapping.template file contains commented-out definitions for the timezone.org_dir table. Copy these to the actual mapping file, enable by removing the comment character '#', and restart the rpc.nisd daemon.

# svcadm restart network/rpc/nisplus:default

If necessary, synchronize NIS+ and LDAP data as described in NIS+ to LDAP Migration Scenarios.
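
A pre-flight check for the schema LDIF shown in both sections, added here as an example (it is not part of the original guide): it joins the backslash-continued lines, then reports reused OIDs and object classes that name an attribute the file does not define. `STANDARD_ATTRS`, `parse_schema_ldif` and `check_schema` are names chosen for this example, and treating `cn` and `description` as already present in the server schema is an assumption.

```python
import re
STANDARD_ATTRS = {"cn", "description"}  # assumption: already in the server schema

# The timezone schema LDIF from this page, embedded as sample input.
TIMEZONE_LDIF = r"""dn: cn=schema
changetype: modify
add: attributetypes
attributetypes:    ( 1.3.6.1.4.1.42.2.27.5.42.42.15.0 NAME 'nisplusTimeZone' \
          DESC 'tzone column from NIS+ timezone table' \
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

dn: cn=schema
changetype: modify
add: objectclasses
objectclasses:    ( 1.3.6.1.4.1.42.2.27.5.42.42.16.0 NAME 'nisplusTimeZoneData' \
          DESC 'NIS+ timezone table data' \
          SUP top STRUCTURAL MUST ( cn ) \
          MAY ( nisplusTimeZone $ description ) )
"""

def parse_schema_ldif(text):
    """Return ({attr NAME: OID}, {class NAME: (OID, [referenced attrs])})."""
    text = re.sub(r"\\\s*\n\s*", " ", text)  # join backslash-continued lines
    attrs, classes = {}, {}
    pattern = r"^(attributetypes|objectclasses):\s*\((.*)\)\s*$"
    for kind, body in re.findall(pattern, text, re.M | re.I):
        oid = body.split()[0]
        name = re.search(r"NAME\s+'([^']+)'", body).group(1)
        body = re.sub(r"DESC\s+'[^']*'", "", body)  # DESC text may contain MUST/MAY
        if kind.lower() == "attributetypes":
            attrs[name] = oid
            continue
        refs = []
        for m in re.finditer(r"\b(?:MUST|MAY)\s+(?:\(([^)]*)\)|(\S+))", body):
            refs += [a.strip() for a in (m.group(1) or m.group(2)).split("$")]
        classes[name] = (oid, refs)
    return attrs, classes

def check_schema(text):
    """List problems to fix before the LDIF is given to ldapadd."""
    attrs, classes = parse_schema_ldif(text)
    problems, seen = [], {}
    for name, oid in list(attrs.items()) + [(n, c[0]) for n, c in classes.items()]:
        if oid in seen:
            problems.append(f"OID {oid} used by both {seen[oid]} and {name}")
        seen.setdefault(oid, name)
    for cname, (_, refs) in classes.items():
        for ref in sorted(set(refs) - set(attrs) - STANDARD_ATTRS):
            problems.append(f"{cname} references undefined attribute {ref}")
    return problems
```

An empty list from `check_schema` means the file is internally consistent; it does not show that the OIDs are unused on your directory server.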