Application-level naming services are incorporated in applications offering services such as files, mail, and printing. Application-level naming services are bound below enterprise-level naming services. The enterprise-level naming services provide contexts in which contexts of application-level naming services can be bound.
Each LDAP entry consists of a number of named attributes, each of which has one or more values.
Also, the N2L service mapping and configuration files each consist of a number of named attributes. Each attribute has one or more values.
The DN where part of the DIT is rooted. When this is the baseDN for an NIS domain's entries, it is also referred to as a context.
(1) The client is a principal (system or user) requesting a naming service from a naming server.
(2) In the client-server model for file systems, the client is a system that remotely accesses resources of a compute server, such as compute power and large memory capacity.
(3) In the client-server model, the client is an application that accesses services from a "server process". In this model, the client and the server can run on the same system or on separate systems.
A common way to describe network services and the model user processes (programs) of those services. Examples include the name-server/name-resolver paradigm of the Domain Name System (DNS). See also client.
For the N2L service, a context is something under which an NIS domain is generally mapped. See also baseDN.
The authentication information that the client software sends along with each request to a naming server. This information verifies the identity of a user or system.
Any map that is not a standard map and therefore requires manual modifications to the mapping file when transitioning from NIS to LDAP.
An LDAP directory is a container for LDAP objects. In UNIX, a container for files and subdirectories.
The DIT is the distributed directory structure for a given network. By default, clients access the information assuming that the DIT has a given structure. For each domain supported by the LDAP server, there is an assumed subtree with an assumed structure.
A distinguished name is an entry in an X.500 directory information base (DIB) composed of selected attributes from each entry in the tree along a path leading from the root down to the named entry.
A distinguished name in LDAP. A tree-like structured addressing scheme of the LDAP directory which gives a unique name to each LDAP entry.
(1) In the Internet, a part of a naming hierarchy usually corresponding to a Local Area Network (LAN) or Wide Area Network (WAN) or a portion of such a network. Syntactically, an Internet domain name consists of a sequence of names (labels) separated by periods (dots). For example, sales.example.com.
(2) In the International Organization for Standardization's open systems interconnection (OSI), "domain" is generally used as an administrative partition of a complex distributed system, as in MHS private management domain (PRMD), and directory management domain (DMD).
The name assigned to a group of systems on a local network that share DNS administrative files. The domain name is required for the network information service database to work properly. See also domain.
A service that provides the naming policy and mechanisms for mapping domain and system names to addresses outside of the enterprise, such as those on the Internet. DNS is the network information service used by the Internet.
A unique number that identifies each host in a network.
IP addresses that are used in this guide conform to RFC 5737, IPv4 Address Blocks Reserved for Documentation and RFC 3849, IPv6 Address Prefix Reserved for Documentation.
IPv4 addresses used in this documentation are blocks 192.0.2.0/24, 198.51.100.0/24, and 203.0.113.0/24.
To show a subnet, the block is divided into multiple subnets by borrowing enough bits from the host to create the required subnet. For example, host address 192.0.2.0 might have subnets 192.0.2.32/27 and 192.0.2.64/27.
IPv6 addresses have prefix 2001:DB8::/32.
Lightweight Directory Access Protocol is a standard, extensible directory access protocol used by LDAP naming service clients and servers to communicate with each other.
An LDAP client is a system that reads and writes to any LDAP server. An LDAP naming service client handles a customized subset of naming information.
The process of converting NIS entries to or from DIT entries. This process is controlled by a mapping file.
The NISLDAPmapping file that establishes how to map entries between NIS and LDAP files.
The svc:/system/name-service/switch service, which defines the sources from which a naming client can obtain its network information.
A network service that handles system, user, domain, router, and other network names and addresses.
(1) A namespace stores information that users, workstations, and applications must have to communicate across the network.
(2) The set of all names in a naming system.
A distributed network information service containing key information about the systems and the users on the network. The NIS database is stored on the master server and all the replica or slave servers.
A file used by NIS that holds information of a particular type, for example, the password entries of all users on a network or the names of all systems on a network. Programs that are part of the NIS service query these maps. See also NIS.
Standard NIS maps that are customized to use mappings between NIS and the LDAP DIT other than the mappings identified in RFC 2307 or its successor.
The ypserv daemon uses the N2L configuration files, /var/yp/NISLDAPmapping and /var/yp/ypserv, to start the master server in N2L mode. For more information, see the NISLDAPmapping(4) and ypserv(4) man pages.
An NIS master server that is reconfigured as an N2L server by using the N2L service. Reconfiguration includes replacing NIS daemons and adding new configuration files.
A client_info table or a client_info file. Preferred server lists specify the preferred servers for a client or domain.
The private component of a pair of mathematically generated numbers, which, when combined with a private key, generates the DES key. The DES key in turn is used to encode and decode information. The private key of the sender is only available to the owner of the key. Every user or system has its own public and private key pair.
The public component of a pair of mathematically generated numbers, which, when combined with a private key, generates the DES key. The DES key in turn is used to encode and decode information. The public key is available to all users and systems. Every user or system has its own public and private key pair.
RFC specifying a mapping of information from the standard NIS maps to DIT entries. By default, the N2L service implements the mapping specified in an updated version, RFC 2307bis.
The simple authentication and security layer. A framework for negotiating authentication and security layer semantics in application-layer protocols.
A description of where to look for a given attribute in the DIT. The searchTriple is composed of a base DN, scope, and filter. This is part of the LDAP URL format as defined in RFC 2255.
Password required by the secure RPC protocol. This password is used to encrypt the private key. This password should always be identical to the user’s login password.
(1) In NIS, DNS, and LDAP, a host system providing naming services to a network.
(2) In the client-server model for file systems, the server is a system with computing resources and large memory capacity, and is sometimes called the compute server. Client systems can remotely access and make use of these resources. In the client-server model for window systems, the server is a process that provides windowing services to an application, or "client process". In this model, the client and the server can run on the same system or on separate systems.
(3) A daemon that actually handles the providing of files.
A server system that maintains a copy of the NIS database. It has a disk and a complete copy of the operating environment.
SSL is the Secure Sockets Layer protocol. It is a generic transport-layer security mechanism designed to make application protocols such as LDAP secure.
NIS maps that are supported by the N2L service without requiring manual modification to the mapping file. For information about the supported standard maps, see Supported Standard Mappings.