System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP)

Procedure: How to Set Up the N2L Service With Custom or Nonstandard Mappings

Use this procedure if the following circumstances apply:

  1. Complete the prerequisite steps that are listed in Prerequisites for the NIS-to-LDAP Transition.

  2. On the NIS master server, become superuser or assume an equivalent role.

    Roles contain authorizations and privileged commands. For more information about roles, see Chapter 9, Using Role-Based Access Control (Tasks), in System Administration Guide: Security Services.

  3. Configure the NIS master server into the N2L server.


    # inityp2l
    

    Run the inityp2l script on the NIS master server and follow the prompts. See Setting Up the NIS-to-LDAP Service for a list of the information you need to provide.

    See the inityp2l(1M) man page for more details.

  4. Modify the /var/yp/NISLDAPmapping file.

    See Examples of Custom Maps for examples of how to modify the mapping file.

  5. Determine if the LDAP Directory Information Tree (DIT) is fully initialized.

    The DIT is fully initialized if it already contains the information necessary to populate all the maps that are listed in the NISLDAPmapping file.

    • If no, complete Step 6, Step 8, and Step 9.

    • If yes, skip Step 6 and complete Step 7, Step 8, and Step 9.

  6. Initialize the DIT for the transition from the NIS source files.

    1. Make sure that the old NIS maps are up-to-date.


      # cd /var/yp
      # make
      

      For more information, see the ypmake(1M) man page.

    2. Stop the NIS daemons.


      # svcadm disable network/nis/server:default
      
    3. Copy the old maps to the DIT, then initialize N2L support for the maps.


      # ypserv -Ir
      

      Wait for ypserv to exit.


      Tip – The original NIS dbm files are not overwritten. You can recover these files, if needed.


    4. Start the NIS daemons to ensure that they use the new maps.


      # svcadm enable network/nis/server:default
      
    5. Skip Step 7 and continue with Step 8.

  7. Initialize the NIS maps.

    Perform this step only if the DIT is fully initialized.

    1. Stop the NIS daemons.


      # svcadm disable network/nis/server:default
      
    2. Initialize the NIS maps from information in the DIT.


      # ypserv -r
      

      Wait for ypserv to exit.


      Tip – The original NIS dbm files are not overwritten. You can recover these files, if needed.


    3. Start the NIS daemons to ensure that they use the new maps.


      # svcadm enable network/nis/server:default
      
  8. Verify that the LDAP entries are correct.

    If the entries are not correct, LDAP naming services clients cannot find them.


    # ldapsearch -h server -s sub -b "ou=servdates, dc=..." \
    "objectclass=servDates"
    
  9. Verify the contents of the LDAP_ maps.

    The following sample output shows how to use makedbm to verify the contents of the hosts.byaddr map.


    # makedbm -u LDAP_servdate.bynumber
    plato: 1/3/2001
    johnson: 2/4/2003,1/3/2001
    yeats: 4/4/2002
    poe: 3/3/2002,3/4/2000

    If the contents are as expected, the transition from NIS to LDAP was successful.

    Note that the original NIS dbm files are not overwritten, so you can always recover those files. See Reverting to NIS for more information.
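
A scripted form of the Step 9 check, as an added example that is not part of the original guide: it compares the `makedbm -u` dump of an original map with the dump of its LDAP_ counterpart and reports keys that were added, changed, or lost. The sample dumps are constructed, and the expectation that both dumps match entry for entry is an assumption that holds only where the custom mapping preserves the value format.

```shell
#!/bin/sh
# Added example, not from the guide. Compares two `makedbm -u` text dumps,
# e.g. the original map and its LDAP_ counterpart from Step 9.
# Assumes the first whitespace-delimited field of each line is the key.
# On Solaris, use nawk or /usr/xpg4/bin/awk in place of awk.

# compare_dumps OLD NEW: print ADDED/CHANGED/MISSING keys; status 1 on any diff.
compare_dumps() {
    awk '
        NF == 0 || /^YP_/ { next }      # skip blanks and makedbm bookkeeping keys
        {
            key = $1
            val = $0
            sub(/^[ \t]*[^ \t]+[ \t]*/, "", val)   # value = rest of the line
        }
        FILENAME == ARGV[1] { old[key] = val; next }
        {
            seen[key] = 1
            if (!(key in old))        { print "ADDED " key;   bad = 1 }
            else if (old[key] != val) { print "CHANGED " key; bad = 1 }
        }
        END {
            for (k in old) if (!(k in seen)) { print "MISSING " k; bad = 1 }
            exit bad + 0
        }
    ' "$1" "$2"
}

# Constructed sample dumps (hypothetical data modelled on the Step 9 output).
run_demo() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/old" <<'EOF'
YP_LAST_MODIFIED 0000000001
plato: 1/3/2001
johnson: 2/4/2003,1/3/2001
yeats: 4/4/2002
EOF
    cat > "$tmp/new" <<'EOF'
YP_LAST_MODIFIED 0000000002
plato: 1/3/2001
johnson: 2/4/2003
poe: 3/3/2002,3/4/2000
EOF
    compare_dumps "$tmp/old" "$tmp/new" | sort
    rm -rf "$tmp"
}

run_demo
```

In practice, write each dump to a file with `makedbm -u` first, then pass the two files to `compare_dumps`; a nonzero exit status means the maps differ and the mapping file should be reviewed before clients rely on the new maps.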