Working With Oracle® Solaris 11.2 Directory and Naming Services: LDAP


Updated: July 2014
 
 

How to Set Up the N2L Service With Custom or Nonstandard Mappings

Use this procedure if the following circumstances apply:

  • You have maps that are not listed in Supported Standard Mappings.

  • You have standard NIS maps that you want to map to non-RFC 2307 LDAP mappings.

  1. Complete the prerequisite steps that are listed in Prerequisites for the NIS-to-LDAP Transition.
  2. Become an administrator on the NIS master server.

    For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.2.

    Roles contain authorizations and privileged commands. For more information about roles, see Chapter 3, Assigning Rights in Oracle Solaris, in Securing Users and Processes in Oracle Solaris 11.2.

  3. Configure the NIS master server into the N2L server.
    # inityp2l

    Run the inityp2l script on the NIS master server and follow the prompts. See Setting Up the NIS-to-LDAP Service for a list of the information you need to provide.

    See the inityp2l(1M) man page for more details.

  4. Modify the /var/yp/NISLDAPmapping file.

    See Examples of Custom Maps for examples of how to modify the mapping file.

  5. Determine whether the LDAP directory information tree (DIT) is fully initialized.

    The DIT is fully initialized if it already contains the information necessary to populate all the maps that are listed in the NISLDAPmapping file.

    • If the DIT is fully initialized, skip Step 6.

  6. Initialize the DIT for the transition from the NIS source files.
    1. Make sure that the old NIS maps are up-to-date.
      # cd /var/yp
      # make

      For more information, see the ypmake(1M) man page.

    2. Stop the NIS daemons.
      # svcadm disable network/nis/server:default
    3. Copy the old maps to the DIT, then initialize N2L support for the maps.
      # ypserv -Ir

      Wait for ypserv to exit.


      Tip  -  The original NIS dbm files are not overwritten. You can recover these files if needed.
    4. Start the DNS and NIS services to ensure that they use the new maps.
      # svcadm enable network/dns/client:default
      # svcadm enable network/nis/server:default
    5. Skip Step 7 and continue with Step 8.
  7. Initialize the NIS maps.

    Perform this step only if the DIT is fully initialized.

    1. Stop the NIS daemons.
      # svcadm disable network/nis/server:default
    2. Initialize the NIS maps from information in the DIT.
      # ypserv -r

      Wait for ypserv to exit.


      Tip  -  The original NIS dbm files are not overwritten. You can recover these files if needed.
    3. Start the DNS and NIS services to ensure that they use the new maps.
      # svcadm enable network/dns/client:default
      # svcadm enable network/nis/server:default
  8. Verify that the LDAP entries are correct.

    If the entries are not correct, then the entries cannot be found by LDAP naming service clients.

    # ldapsearch -h server -s sub -b "ou=servdates, dc=..." \
    "objectclass=servDates"
  9. Verify the contents of the LDAP maps.

    The following sample output shows how to use the makedbm command to verify the contents of the hosts.byaddr map.

    # makedbm -u LDAP_servdate.bynumber
    plato: 1/3/2001
    johnson: 2/4/2003,1/3/2001
    yeats: 4/4/2002
    poe: 3/3/2002,3/4/2000

    If the contents are as expected, the transition from NIS to LDAP was successful.

    Note that the original NIS dbm files are not overwritten, so you can always recover those files. See Reverting to NIS for more information.
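
Steps 8 and 9 check the directory and the map separately. The following added example (not part of the Oracle documentation) compares the two by listing every key in a saved `makedbm -u` dump that has no matching entry in saved ldapsearch output in LDIF form. The key attribute `cn`, the `dc=example,dc=com` suffix, the `nismaster` host name, and the function names are assumptions, and all sample data is constructed.

```shell
#!/bin/sh
# Added example: cross-check a `makedbm -u` dump against saved ldapsearch LDIF.

# missing_in_ldap DUMP_FILE LDIF_FILE KEY_ATTR
# Prints each map key that has no KEY_ATTR value in the LDIF (one per line).
# KEY_ATTR is whatever attribute your NISLDAPmapping rule stores the key in.
missing_in_ldap() {
    awk -v attr="$3" '
        src == "ldif" {
            # Attribute names are case-insensitive in LDAP.
            if (tolower($1) == (tolower(attr) ":")) {
                sub(/^[^:]*:[ \t]*/, "")
                seen[$0] = 1
            }
            next
        }
        # Map dump: skip blank lines and the YP_* bookkeeping keys.
        NF == 0 || $1 ~ /^YP_/ { next }
        {
            key = $1
            sub(/:$/, "", key)
            if (!(key in seen)) print key
        }
    ' src=ldif "$2" src=map "$1"
}

# Constructed sample data: the dump shown in Step 9 plus two YP_* keys, and
# an LDIF result (hypothetical cn attribute) with the entry for "yeats" absent.
run_demo() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/dump" <<'EOF'
YP_LAST_MODIFIED 1404172800
YP_MASTER_NAME nismaster
plato: 1/3/2001
johnson: 2/4/2003,1/3/2001
yeats: 4/4/2002
poe: 3/3/2002,3/4/2000
EOF
    cat > "$tmp/ldif" <<'EOF'
dn: cn=plato,ou=servdates,dc=example,dc=com
cn: plato

dn: cn=johnson,ou=servdates,dc=example,dc=com
CN: johnson

dn: cn=poe,ou=servdates,dc=example,dc=com
cn: poe
EOF
    missing_in_ldap "$tmp/dump" "$tmp/ldif" cn
    rm -rf "$tmp"
}
run_demo
```

An empty or failed ldapsearch result reports every map key as missing, so a silent search failure cannot pass as a clean comparison. Base64-encoded values (`attr::`) are not decoded.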