NIDOMAIN(8) System Manager's Manual NIDOMAIN(8)
NAME
nidomain - NetInfo domain utility
SYNOPSIS
nidomain -l [ hostname ]
nidomain -m tag
nidomain -d tag
nidomain -c tag master/remotetag
DESCRIPTION
The nidomain utility is an interface to nibindd(8), to which it sends all of its requests about the domains served on a given machine. It
also can be used to create and destroy NetInfo databases.
The nidomain utility will allow one to create multiple levels of NetInfo hierarchy, but it is not a particularly easy way to do it. One
should use the NetInfo Manager application for setting up multilevel hierarchies.
OPTIONS
-l [ hostname ]
List the domains by tag served on the given hostname. If hostname is unspecified, the local host is used.
-m tag Create a new NetInfo database and server on the local machine for the domain tag of tag.
-d tag Destroy the local NetInfo database and server associated with the domain tagged tag. If the database was associated with a clone,
the machine's ``serves'' property on the master is NOT modified to reflect the fact that the database has been deleted.
-c tag master/remotetag
Creates a clone NetInfo database with the domain tagged tag. The database is cloned from the machine master and remote tag remotetag.
The machine's ``serves'' property should be set up prior to running this command to contain the entry "./tag".
SEE ALSO
nibindd(8)
Apple Computer, Inc. March 23, 1989 NIDOMAIN(8)
NIGREP(1) General Commands Manual NIGREP(1)
NAME
mkslapdconf - generate a configuration file for the LDAP server
SYNOPSIS
mkslapdconf [ -r ]
DESCRIPTION
mkslapdconf creates a configuration file suitable for the slapd(8) LDAP server, using the LDAP NetInfo bridge (back-netinfo). By default,
it is invoked in local mode, in which a list of NetInfo domains to serve is determined by listing the valid databases in /var/db/netinfo.
If the -r option is specified, then mkslapdconf consults the NetInfo binder daemon, nibindd(8), to list the NetInfo domains served by the
local machine. In either case, a separate instance of the bridge is created for each domain (although they all share the same process). In
local mode, slapd(8) will access the NetInfo database directly; in remote mode, it will use the netinfo(3) client library to access the
database via remote procedure calls (RPC).
NetInfo has separate namespaces for domains and directories; in the X.500 information model, there is a single namespace. NetInfo names
are written most significant component to least significant; X.500 "distinguished" names are usually written the other way. X.500 names are
also case-insensitive.
The mapping between NetInfo domains and X.500 names may be configured using the suffix property in a specific host's /machines entry. Like
the serves property, the suffix property determines the relative domain name of a child domain; its values must be ordered according to the
serves property in each host entry. In the case of the master NetInfo server's host entry, the value of the suffix property at the same
index as the "./tag" serves property will be used to determine the distinguished name for the root NetInfo domain. In the absence of a
specific mapping, the ou attribute type is used to construct a relative distinguished name from the NetInfo domain name. Note that in the
present implementation, even if the NetInfo database is accessed directly, the NetInfo server must still be running as the namespace is
interrogated using NetInfo RPC. See nicl(1) for more information on how NetInfo directory names are mapped to X.500 distinguished names.
For example, the NetInfo entry /users/alice in the NetInfo domain /sales/polaris would be (with RFC 2307 schema mapping) by default mapped
to the distinguished name uid=alice,cn=users,ou=polaris,ou=sales.
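The default naming rule described above, as an added example (not code from this man page or from Apple): domain components become ou RDNs written least significant first, with values escaped per RFC 4514 so a domain or entry name containing "," or "+" cannot alter the DN structure. The function names, the suffixes dictionary standing in for suffix property values, and the empty DN for a root domain without a suffix are assumptions of this sketch; the directory RDNs are passed in already mapped, since that mapping is documented in nicl(1).

```python
# Added illustration; a simplified model, not the back-netinfo implementation.
SPECIAL = '"+,;<>\\'


def escape_rdn_value(value):
    """Escape an attribute value for use in a DN string (RFC 4514)."""
    s = "".join("\\" + c if c in SPECIAL else "\\00" if c == "\x00" else c
                for c in value)
    if s[:1] in (" ", "#"):          # leading space or '#' must be escaped
        s = "\\" + s
    if value.endswith(" ") and len(value) > 1:
        s = s[:-1] + "\\ "           # trailing space must be escaped
    return s


def domain_to_dn(domain, suffixes=None):
    """Map a NetInfo domain path such as /sales/polaris to a DN.

    suffixes (assumed model): {absolute domain path: relative DN string},
    standing in for suffix property values; the key "/" names the root.
    """
    suffixes = suffixes or {}
    rdns, path = [], ""
    for name in (p for p in domain.split("/") if p):   # most significant first
        path += "/" + name
        rdns.append(suffixes.get(path) or "ou=" + escape_rdn_value(name))
    rdns.reverse()                   # X.500 order: least significant first
    if suffixes.get("/"):
        rdns.append(suffixes["/"])
    return ",".join(rdns)


def entry_dn(domain, directory_rdns, suffixes=None):
    """Build the DN of an entry inside a domain.

    directory_rdns: (attribute, value) pairs, most significant first,
    already chosen by the schema mapping.
    """
    rdns = [f"{a}={escape_rdn_value(v)}" for a, v in reversed(directory_rdns)]
    base = domain_to_dn(domain, suffixes)
    return ",".join(rdns + ([base] if base else []))


if __name__ == "__main__":
    # /users/alice in /sales/polaris, the example given in the text
    print(entry_dn("/sales/polaris", [("cn", "users"), ("uid", "alice")]))
```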
mkslapdconf configures the LDAP bridge to apply traditional NetInfo authorization policies, as well as the native slapd(8) authorization
model. If the current host is not the master for a NetInfo domain, then the LDAP bridge will be configured for read-only access.
Referrals are used to glue NetInfo domains together so that the search policy described in netinfo(5) is adhered to. mkslapdconf configures
a default referral for the immediate parent domain; child domains are handled by the bridge itself. The local domain is always aliased
to the distinguished name dc=local, and (for one-level and subtree searches) the root (empty) DSE. A search with a base of "dc=local" or ""
will consult the local NetInfo domain; search results will always be written relative to the canonical distinguished name for the domain,
however.
The configuration file created by mkslapdconf includes the OpenLDAP core, Cosine (RFC 1274), NIS (RFC 2307), inetOrgPerson (RFC 2798),
miscellaneous and Apple schema. If you wish to add support for additional schema you will need to postprocess the configuration file
manually.
The configuration file is written to the standard output. mkslapdconf should be run at startup immediately before the LDAP server is
started, but after the NetInfo server is started.
OPTIONS
-r Specify that the LDAP bridge will access the NetInfo database using the netinfo(3) RPC client library.
EXAMPLES
# mkslapdconf > /etc/openldap/slapd.conf
SEE ALSO
netinfo(3), netinfo(5), nibindd(8), nicl(1), nidomain(8), slapd(8)
AUTHOR
Luke Howard, Apple Computer, Inc.
Apple Computer, Inc. March 21, 2001 NIGREP(1)