test

Sun Directory Services 3.1 Administration Guide

Mapping Semantics

Front-end name indicates the name of the service. All the information that follows that name describes the mapping of service-specific information to LDAP object classes and attributes.

The first Common section immediately following the front-end name gives configuration information that applies to the front-end or service. It contains mandatory configuration variables that are required in the translation process, and optional configuration variables that are stored in the same file for convenience. In the nis.mapping and radius.mapping files, this section can be modified through the Admin Console.

The Table section defines mapping information for a particular type of information. The mapping information determines the object class of all entries created using that table definition. Each table definition is composed of the following sections:

The Dynamic section is the only one that is mandatory. Without it, neither import nor export operations work. The other sections can be omitted if you do not need them. For instance, if you never intend to export information from the directory, you do not need to create an Export section.

Each section contains keywords and definitions used in the import or export process. Table 5-1provides a list of mapping keywords, the sections in which they can occur, and their purpose.

In any section, you can create variables or tokens, that is, private definitions, by using the following format: 

tokenT=token definition

Your private definitions can use the syntax and functions described in "Condense".

Table 5-1 Summary of Mapping File Keywords

Section 

Keyword 

Mandatory/Optional 

Purpose 

Common 

BASE_DN 

Mandatory, but can be specified in the Dynamic section 

Specifies a naming context. See "BASE_DN ".

MAP_NAME 

Mandatory for an NIS table definition 

Indicates the name of the NIS table corresponding to the table definition. See "MAP_NAME ".

PRIVATE_OBJECTCLASSES 

Mandatory when object class is not unique 

Used for updates on entries created from several table definitions. See "PRIVATE_OBJECTCLASSES ".

Dynamic 

ALL_FILTER 

Mandatory 

Defines a filter for identifying all entries created using the table definition. See "ALL_FILTER".

DC_NAMING 

Optional 

Defines the mechanism for converting a domain name to an LDAP dc name structure. See "DC_NAMING".

LINE 

Mandatory 

Defines decomposition of input information. See "LINE".

MATCH_FILTER 

Mandatory 

Defines a filter for identifying a particular entry created using the table definition. See "MATCH_FILTER".

Export/Build 

LINE 

Mandatory if the Export section exists 

In export file, defines format of line composed of LDAP attributes. See "Export Section".

NIS_KEY 

Mandatory for NIS 

Identifies NIS key in export file. 

NIS_VALUE 

Mandatory for NIS 

Identifies NIS value in export file. 

Import/Extract 

LINE 

Mandatory if the Import section exists 

Defines decomposition of input information. See "Import Section".

Common Section

The Common section contains definitions of variables that apply to all the entries created using that table definition but not to the entire service or front-end. For example, the Common section typically contains the naming context under which the entries are created. The naming context is specified using the BASE_DN keyword.

BASE_DN

The BASE_DN keyword specifies the naming context under the entries are to be created. The dsimport utility looks for this parameter in several places, in the following order:

  1. Command line of dsimport, option -V

  2. Dynamic section

  3. Common section for the Table

  4. Common section for the Front-End (at the beginning of the mapping file)

MAP_NAME

The MAP_NAME keyword specifies the name of the NIS map corresponding to the table definition. This keyword is used to create administrative entries for the NIS service. The directory server maintains these entries automatically.

This keyword is used also to create the naming context for the NIS entries that are created by using the generic mapping definition.

The MAP_NAME keyword is specific to the NIS service.

PRIVATE_OBJECTCLASSES

The PRIVATE_OBJECTCLASSES keyword specifies an object class when the object class and attributes derived from a table definition do not make up a complete entry. This keyword is necessary for maintaining directory entries that are created from several table definitions. This can be the case when several table definitions each create an auxiliary object class and its associated attributes.

For example, in the NIS environment, network hosts can have entries in at least three files: /etc/bootparams, /etc/ethers, /etc/hosts. However, each host has just one entry in the LDAP directory, with the three auxiliary object classes bootableDevice, ieee802Device, and ipHost. If the entry for the host is deleted in one of these files, the corresponding entry in the LDAP directory must not be deleted but simply updated by removing the appropriate auxiliary object class, and any attributes specific to that object class.

Dynamic Section

The Dynamic section contains equations that make it possible to dynamically build the filters required to locate relevant information.

LINE

The LINE keyword is necessary to define how the input information must be dynamically decomposed to provide the elements required in the MATCH_FILTER and ALL_FILTER definitions.

The syntax of the LINE keyword is given in "Extract".

MATCH_FILTER

The MATCH_FILTER keyword specifies a filter that is used by the dsimport utility to check whether an entry already exists in the database before creating it. If it exists, the dsimport utility will check whether it needs to be modified.

The MATCH_FILTER keyword is also used by the directory server to respond to commands such as ypmatch.

ALL_FILTER

The ALL_FILTER keyword specifies a filter that is used by the dsexport command to regenerate the file from which the directory entries were originally created. This filter is necessary even if you do not intend to export information from the directory to regenerate the source file for that information.

The ALL_FILTER keyword is used by the directory server to retrieve from the directory all entries that belong to a given NIS table. This is because the directory server maintains a permanently up-to-date copy of the NIS tables.

The ALL_FILTER keyword is also used by the directory server to respond to commands such as ypcat.

DC_NAMING

The DC_NAMING keyword defines the mechanism applied to convert a domain name of the form xyz.com to an LDAP data store suffix or naming context of the form dc=xyz, dc=com. This is useful if the naming structure that you use in your directory is a domain component (dc) structure.

Export Section

The Export section provides the method for regenerating a source file from LDAP directory entries. This section is optional. When it exists, it must contain the keyword LINE. The LINE keyword in the Export section must reflect the format of a line in the original source file.

The Export section contains the following subsections:

In the nis.mapping file, the Build subsection defines the rules for constructing an NIS key/NIS value pair; it also defines the rules for generating the line in the NIS file corresponding to the LDAP directory entry.

Import Section

The Import section provides the method for translating a line in an input file into an LDAP directory entry. This section must contain a LINE keyword that defines how a line in the input file can be decomposed into elements that can be described by LDAP attributes. It must also contain the list of LDAP attributes that are created from a line in the input file.

The Import section contains the following subsections:

In the nis.mapping file, the LINE definition in the Extract subsection specifies the rules for analyzing a line in an NIS source file into smaller units of information called NIS tokens.