Working With Oracle® Solaris 11.3 Directory and Naming Services: LDAP

Updated: September 2018
 
 

How to Set Up the N2L Service With Custom or Nonstandard Mappings

Use this procedure if the following circumstances apply:

  • The maps you want to use are not listed in Supported Standard Mappings.

  • Standard NIS maps need to be mapped to non-RFC 2307 LDAP mappings.

Before You Begin

Complete the prerequisite steps that are listed in Prerequisites for the NIS-to-LDAP Transition.

  1. Become an administrator on the NIS master server.

    For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.3.

  2. Configure the NIS master server into the N2L server.
    # inityp2l

    Run the inityp2l script on the NIS master server and follow the prompts. For the list of the information that you need to provide, see Setting Up the NIS-to-LDAP Service.

  3. Modify the /var/yp/NISLDAPmapping file.

    For examples of how to modify the mapping file, see Examples of Custom Maps.

  4. Determine whether the LDAP DIT is fully initialized.

    The DIT is fully initialized if it already contains the information necessary to populate all the maps that are listed in the NISLDAPmapping file. If the DIT is fully initialized, skip Step 5.

  5. Initialize the DIT for the transition from the NIS source files.
    1. Make sure that the old NIS maps are up-to-date.
      # cd /var/yp
      # make

      For more information, see the ypmake(1M) man page.

    2. Stop the NIS daemons.
      # svcadm disable network/nis/server:default
    3. Copy the NIS maps to the DIT, then initialize N2L support for the maps.
      # ypserv -Ir

      Wait for ypserv to exit.


      Tip  -  The original NIS dbm files are not overwritten. You can recover these files if needed.
    4. Start the DNS and NIS services to ensure that they use the new maps.
      # svcadm enable network/dns/client:default
      # svcadm enable network/nis/server:default
    5. Skip Step 6 and continue with Step 7.
  6. Initialize the NIS maps.

    Perform this step only if the DIT is fully initialized.

    1. Stop the NIS daemons.
      # svcadm disable network/nis/server:default
    2. Initialize the NIS maps from information in the DIT.
      # ypserv -r

      Wait for ypserv to exit.


      Tip  -  The original NIS dbm files are not overwritten. You can recover these files if needed.
    3. Start the DNS and NIS services to ensure that they use the new maps.
      # svcadm enable network/dns/client:default
      # svcadm enable network/nis/server:default
  7. Verify whether the LDAP entries are correct.

    If the entries are incorrect, then the entries cannot be found by LDAP naming service clients.

    # ldapsearch -h server -s sub -b "ou=servdates, dc=..." \
    "objectclass=servDates"
  8. Verify the contents of the LDAP maps.

    The following sample output shows how to use the makedbm command to verify the contents of the hosts.byaddr map.

    # makedbm -u LDAP_servdate.bynumber
    plato: 1/3/2001
    johnson: 2/4/2003,1/3/2001
    yeats: 4/4/2002
    poe: 3/3/2002,3/4/2000

    If the contents are as expected, the transition from NIS to LDAP was successful.
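
One way to make the Step 8 check repeatable, as an added example that is not part of the Oracle procedure: the script compares two `makedbm -u` dumps of the same map (for instance the preserved original dbm file and the map rebuilt by `ypserv`) and reports entries that were lost or added. The function names, the `nismaster` host name and the sample dumps are constructed for illustration.

```shell
# Added example, not part of the Oracle procedure: compare two `makedbm -u`
# dumps of one map, ignoring entry order and the YP_* bookkeeping keys.

# normalize_dump FILE: drop blank lines and YP_* keys, squeeze whitespace, sort.
normalize_dump() {
    awk '!/^YP_/ && NF { $1 = $1; print }' "$1" | LC_ALL=C sort -u
}

# n2l_map_diff BEFORE AFTER: print "- entry" for entries only in BEFORE and
# "+ entry" for entries only in AFTER. Returns 0 on a match, 1 on a difference.
n2l_map_diff() {
    _d=$(mktemp -d) || return 2
    normalize_dump "$1" > "$_d/before"
    normalize_dump "$2" > "$_d/after"
    _out=$(
        LC_ALL=C comm -23 "$_d/before" "$_d/after" | sed 's/^/- /'
        LC_ALL=C comm -13 "$_d/before" "$_d/after" | sed 's/^/+ /'
    )
    rm -rf "$_d"
    [ -z "$_out" ] && return 0
    printf '%s\n' "$_out"
    return 1
}

# Constructed sample dumps modeled on the Step 8 output. On a real server they
# would come from `makedbm -u <map>` run before and after the transition.
demo() {
    _w=$(mktemp -d) || return 2
    cat > "$_w/before.txt" <<'EOF'
YP_LAST_MODIFIED 0978307200
YP_MASTER_NAME nismaster
plato: 1/3/2001
johnson: 2/4/2003,1/3/2001
yeats: 4/4/2002
poe: 3/3/2002,3/4/2000
EOF
    cat > "$_w/after.txt" <<'EOF'
YP_LAST_MODIFIED 1536000000
YP_MASTER_NAME nismaster
poe: 3/3/2002,3/4/2000
plato: 1/3/2001
johnson: 2/4/2003
EOF
    _rc=0
    n2l_map_diff "$_w/before.txt" "$_w/after.txt" || _rc=$?
    rm -rf "$_w"
    return "$_rc"
}
demo || echo "map contents differ (constructed data)"
```

A nonzero return with `-` lines means entries present in the old map did not survive the round trip through the DIT, which usually points back to the NISLDAPmapping edits made in Step 3.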