Home Man
Search
Today's Posts
Register

Linux & Unix Commands - Search Man Pages

OpenSolaris 2009.06 - man page for rpc.nisd (opensolaris section 4)

rpc.nisd(4)				   File Formats 			      rpc.nisd(4)

NAME
       rpc.nisd - configuration file for NIS+ service daemon

SYNOPSIS
       /etc/default/rpc.nisd

DESCRIPTION
       The rpc.nisd file specifies configuration information for the rpc.nisd(1M) server. Config-
       uration information can come from a combination of three places. It can	be  derived  from
       LDAP.  It  can  be specified in the rpc.nisd file. It can be specified on the rpc.nisd(1M)
       command line. The values in the rpc.nisd file  override	values	obtained  from	the  LDAP
       server.	Command line values supersede values in the configuration file.

       The  NIS+LDAPmapping(4)	file contains mapping information connecting  NIS+ object data to
       LDAP entries. See the NIS+LDAPmapping(4) manual page for an overview of the  setup  needed
       to map NIS+ data to or from LDAP.

   Attributes
       The  rpc.nisd(1M)  server  recognizes  the  following attributes. Any values specified for
       these attributes in the rpc.nisd file, including an empty value, override values  obtained
       from  LDAP.  However, the nisplusLDAPconfig* values are read from the rpc.nisd file or the
       command line only. They are not obtained from LDAP.

       The following are attributes used for initial configuration.

       nisplusLDAPconfigDN

	   The DN for configuration information. If empty,  all other  nisplusLDAPConfig*  values
	   are	ignored,  in the expectation that all attributes are specified in this file or on
	   the command line. When nisplusLDAPConfigDN is not specified at all, the DN is  derived
	   from  the  NIS+ domain name by default. If the domain name is x.y.z., the default nis-
	   plusLDAPconfigDN is:

	     nisplusLDAPconfigDN=dc=x,dc=y,dc=z

       nisplusLDAPconfigPreferredServerList

	   The list of servers to use for the configuration phase. There is no default. The  fol-
	   lowing is an example of a value for nisplusLDAPconfigPreferredServerList:

	     nisplusLDAPconfigPreferredServerList=127.0.0.1:389

       nisplusLDAPconfigAuthenticationMethod

	   The authentication method used to obtain the configuration information. The recognized
	   values for nisplusLDAPconfigAuthenticationMethod are:

	   none

	       No authentication attempted.

	   simple

	       Password of proxy user sent in the clear to the LDAP server.

	   sasl/cram-md5

	       Use SASL/CRAM-MD5 authentication. This authentication method may not be	supported
	       by all LDAP servers. A password must be supplied.

	   sasl/digest-md5

	       Use  SASL/DIGEST-MD5  authentication.  This  authentication method may not be sup-
	       ported by all LDAP servers. A password must be supplied.

	   There is no default value. The following is an example of a value for  nisplusLDAPcon-
	   figAuthenticationMethod:

	     nisplusLDAPconfigAuthenticationMethod=simple

       nisplusLDAPconfigTLS

	   The	transport  layer  security  used for the connection to the server. The recognized
	   values are:

	   none

	       No encryption of transport layer data. This is the default value.

	   ssl

	       SSL encryption of transport layer data.	A certificate is required.

	   Export and import control restrictions may limit the availability of  transport  layer
	   security.

       nisplusLDAPconfigTLSCertificateDBPath

	   The	name  of  the  file  containing  the  certificate  database.  The default path is
	   /var/nis, and the default file name is cert7.db.

       nisplusLDAPconfigProxyUser

	   The proxy user used to obtain configuration information. There is no default value. If
	   the	value  ends  with  a  comma,  the  value  of the nisplusLDAPconfigDN attribute is
	   appended. For example:

	     nisplusLDAPconfigProxyUser=cn=nisplusAdmin,ou=People,

       nisplusLDAPconfigProxyPassword

	   The password that should be supplied to LDAP for the proxy  user when the  authentica-
	   tion method requires one. In order to avoid having this password publically visible on
	   the machine, the password should only appear in the configuration file, and	the  file
	   should have an appropriate owner, group, and file mode. There is no default value.

       The following are attributes used for data retrieval. The object class name used for these
       attributes is nisplusLDAPconfig.

       preferredServerList

	   The list of servers to use when reading or writing mapped NIS+ data from or	to  LDAP.
	   There is no default value.  For example:

	     preferredServerList=127.0.0.1:389

       authenticationMethod

	   The	authentication	method to use when reading or writing mapped NIS+ data from or to
	   LDAP. For recognized values, see the LDAPconfigAuthenticationMethod	attribute.  There
	   is no default value. For example,

	     authenticationMethod=simple

       nisplusLDAPTLS

	   The transport layer security to use when reading or writing NIS+ data from or to LDAP.
	   For recognized values,  see the nisplusLDAPconfigTLS attribute. The default	value  is
	   none.  Note	that export and import control restrictions may limit the availability of
	   transport layer security.

       nisplusLDAPTLSCertificateDBPath

	   The name of the file containing the certificate DB. For recognized and default values,
	   see the nisplusLDAPconfigTLSCertificateDBPath attribute.

       defaultSearchBase

	   The	default portion of the DN to use when reading or writing mapped NIS+ data from or
	   to LDAP. The default is derived from the value of the baseDomain attribute,	which  in
	   turn  usually defaults to the NIS+ domain name. If nisplusLDAPbaseDomain has the value
	   x.y.z, the default defaultSearchBase  is dc=x,dc=y,dc=z.   See  the	following  sample
	   attribute value:

	     defaultSearchBase=dc=somewhere,dc=else

       nisplusLDAPbaseDomain

	   The	domain	to  append when NIS+ object names are not fully qualified. The default is
	   the domain the rpc.nisd daemon is  serving, or the first such domain, if there is more
	   than one candidate.

       nisplusLDAPproxyUser

	   Proxy  user used by the rpc.nisd to read or write from or to LDAP. Assumed to have the
	   appropriate permission  to read and modify LDAP data. There is no  default  value.  If
	   the	value  ends in a comma, the value of the defaultSearchBase attribute is appended.
	   For example:

	     nisplusLDAPproxyUser=cn=nisplusAdmin,ou=People,

       nisplusLDAPproxyPassword

	   The password that should be supplied to LDAP for the proxy	user when the authentica-
	   tion  method so requires. In order to avoid having this password publically visible on
	   the machine, the password should only appear in the configuration file, and	the  file
	   should have an appropriate owner, group, and file mode. There is no default value.

       nisplusLDAPbindTimeout
       nisplusLDAPsearchTimeout
       nisplusLDAPmodifyTimeout
       nisplusLDAPaddTimeout
       nisplusLDAPdeleteTimeout

	   Establish timeouts for LDAP bind, search, modify, add,  and delete operations, respec-
	   tively. The default value is 15 seconds for each one. Decimal values are allowed.

       nisplusLDAPsearchTimeLimit

	   Establish a value for the LDAP_OPT_TIMELIMIT option,  which suggests a time limit  for
	   the search operation on the LDAP server. The server may impose its own constraints  on
	   possible values.  See  your	LDAP  server  documentation.  The  default  is	the  nis-
	   plusLDAPsearchTimeout value. Only  integer values are allowed.

	   Since  the nisplusLDAPsearchTimeout limits the amount of time the client rpc.nisd will
	   wait for completion of a  search  operation,  setting  the  nisplusLDAPsearchTimeLimit
	   larger than the nisplusLDAPsearchTimeout is not recommended.

       nisplusLDAPsearchSizeLimit

	   Establish  a  value for the LDAP_OPT_SIZELIMIT option, which suggests a size limit, in
	   bytes, for the search results on the LDAP server. The server may impose its	own  con-
	   straints  on possible values. See your LDAP server documentation. The default is zero,
	   which means unlimited. Only integer values are allowed.

       nisplusLDAPfollowReferral

	   Determines if the rpc.nisd should follow referrals or not.  Recognized values are  yes
	   and no. The default value is no.

       nisplusNumberOfServiceThreads

	   Sets  the  maximum  number of RPC service threads that the rpc.nisd may use. Note that
	   the rpc.nisd may create additional threads for certain tasks, so that the actual  num-
	   ber of threads running may be larger than the nisplusNumberOfServiceThreads value.

	   The	value  of this attribute is a decimal integer from  zero to (2**31)-1, inclusive.
	   Zero, which is the default,	sets the number of service threads to three plus the num-
	   ber of CPUs available when the rpc.nisd daemon starts. For example:

	     nisplusNumberOfServiceThreads=16

       The following attributes specify the action to be taken when some event occurs. The values
       are all of the form event=action. The default action is the  first  one	listed	for  each
       event.

       nisplusLDAPinitialUpdateAction

	   Provides  the  optional  capability	to update all NIS+ data from LDAP, or vice versa,
	   when the rpc.nisd starts. Depending on various factors such	as  both  NIS+	and  LDAP
	   server  and network performance, as well as the amount of data to be uploaded or down-
	   loaded, these operations can consume very significant CPU and memory resources. During
	   upload and download, the rpc.nisd has not yet registered with rpcbind, and provides no
	   NIS+ service. When data is downloaded from LDAP, any new items added to the rpc.nisd's
	   database  get a TTL as for an initial load. See the description for the nisplusLDAPen-
	   tryTtl attribute on NIS+LDAPmapping(4).

	   none

	       No initial update in either direction. This is the default.

	   from_ldap

	       Causes the rpc.nisd to fetch data for all NIS+ objects it serves,  and  for  which
	       mapping entries are available, from the LDAP repository.

	   to_ldap

	       The  rpc.nisd  writes  all NIS+ objects for which it is the master server, and for
	       which mapping entries are available, to the LDAP repository.

       nisplusLDAPinitialUpdateOnly

	   Use in conjunction with nisplusLDAPinitialUpdateAction.

	   no

	       Following the initial update, the rpc.nisd  starts serving NIS+ requests. This  is
	       the default.

	   yes

	       The  rpc.nisd  exits after the initial update.  This value is ignored if specified
	       together with nisplusLDAPinitialUpdateAction=none.

       nisplusLDAPretrieveErrorAction

	   If an error occurs while trying to retrieve an entry from LDAP, one of  the	following
	   actions can be selected:

	   use_cached

	       Action according to nisplusLDAPrefreshError  below. This is the default.

	   retry

	       Retry  the  retrieval  the number of time specified by nisplusLDAPretrieveErrorAt-
	       tempts,	with  the  nisplusLDAPretrieveErrorTimeout  value  controlling	the  wait
	       between each attempt.

	   try_again
	   unavail
	   no_such_name

	       Return  NIS_TRYAGAIN, NIS_UNAVAIL, or NIS_NOSUCHNAME, respectively, to the client.
	       Note that the client code may not be prepared for this and can react in unexpected
	       ways.

       nisplusLDAPretrieveErrorAttempts

	   The	number	of  times a failed retrieval should be retried. The default is unlimited.
	   The nisplusLDAPretrieveErrorAttempts value is ignored unless  nisplusLDAPretrieveErro-
	   rAction=retry.

       nisplusLDAPretrieveErrorTimeout

	   The	timeout  (in seconds) between each new attempt to retrieve LDAP data. The default
	   is 15 seconds. The value for nisplusLDAPretrieveErrorTimeout is ignored  unless   nis-
	   plusLDAPretrieveErrorAction=retry.

       nisplusLDAPstoreErrorAction

	   An error occurred while trying to store data to  the LDAP repository.

	   retry

	       Retry  operation  nisplusLDAPstoreErrorAttempts	times with nisplusLDAPstoreError-
	       Timeout seconds between each attempt. Note that this may tie up a  thread  in  the
	       rpc.nisd daemon.

	   system_error

	       Return NIS_SYSTEMERROR to the client.

	   unavail

	       Return  NIS_UNAVAIL  to	the client. Note that the client code may not be prepared
	       for this and can react in unexpected ways.

       nisplusLDAPstoreErrorAttempts

	   The number of times a failed attempt to store should be retried. The default is unlim-
	   ited.  The  value  for  nisplusLDAPstoreErrorAttempts  is  ignored unless nisplusLDAP-
	   storeErrorAction=retry.

       nisplusLDAPstoreErrortimeout

	   The timeout, in seconds, between each new attempt to store LDAP data. The  default  is
	   15  seconds.  The  nisplusLDAPstoreErrortimeout  value  is ignored unless nisplusLDAP-
	   storeErrorAction=retry.

       nisplusLDAPrefreshErrorAction

	   An error occured while trying to refresh a cache entry.

	   continue_using

	       Continue using expired cache entry,  if one is available. Otherwise,  the   action
	       is retry. This is the default.

	   retry

	       Retry  operation  nisplusLDAPrefreshErrorAttempts times with nisplusLDAPrefreshEr-
	       rorTimeout seconds between each attempt. Note that this may tie up a thread in the
	       rpc.nisd daemon.

	   cache_expired
	   tryagain

	       Return  NIS_CACHEEXPIRED  or  NIS_TRYAGAIN, respectively, to the client. Note that
	       the client code may not be prepared for this and could  can  react  in  unexpected
	       ways.

       nisplusLDAPrefreshErrorAttempts

	   The number of times a failed refresh should be retried. The default is unlimited. This
	   applies to the retry and continue_using actions, but for the latter, only  when  there
	   is no cached entry.

       nisplusLDAPrefreshErrorTimeout

	   The	timeout (in seconds) between each new attempt to refresh  data. The default is 15
	   seconds. The value for nisplusLDAPrefreshErrorTimeout applies to the  retry	and  con-
	   tinue_using actions.

       nisplusThreadCreationErrorAction

	   The	action	to  take when an error occured while trying to	create a new thread. This
	   only applies to threads controlled by the rpc.nisd daemon not to RPC service  threads.
	   An  example	of  threads  controlled by the rpc.nisd daemon are those created to serve
	   nis_list(3NSL) with callback, as used by niscat(1) to enumerate tables.

	   pass_error

	       Pass on the thread creation error to the client, to the	extent	allowed   by  the
	       available  NIS+	error codes. The error might be NIS_NOMEMORY, or another resource
	       shortage error. This action is the default.

	   retry

	       Retry operation nisplusThreadCreationErrorAttempts times,  waiting  nisplusThread-
	       CreationErrorTimeout  seconds  between  each  attempt. Note that this may tie up a
	       thread in the rpc.nisd daemon.

       nisplusThreadCreationErrorAttempts

	   The number of times a failed thread creation should be retried. The default is  unlim-
	   ited.  The  value  for  nisplusThreadCreationErrorAttempts is ignored unless the  nis-
	   plusThreadCreationErrorAction=retry.

       nisplusThreadCreationErrorTimeout

	   The number of seconds to wait between each  new  attempt   to  create  a  thread.  The
	   default is 15 seconds. Ignored unless nisplusThreadCreationErrorAction=retry.

       nisplusDumpError

	   An  error  occurred	during	a  full  dump  of  a NIS+ directory  from the master to a
	   replica. The replica can:

	   retry

	       Retry operation nisplusDumpErrorAttempts  times	 waiting  nisplusDumpErrorTimeout
	       seconds between each attempt. Note that this may tie up a thread in the rpc.nisd.

	   rollback

	       Try  to roll back the changes made so far before retrying per the retry action. If
	       the rollback fails or cannot be performed due to the selected  ResyncServiceAction
	       level, the retry action is selected.

       nisplusDumpErrorAttempts

	   The	number of times a failed full dump should be retried.	The default is unlimited.
	   When the number of retry attempts has been used up, the full dump  is  abandoned,  and
	   will not  be retried again until a resync fails because no update time  is available.

       nisplusDumpErrorTimeout

	   The number of seconds to wait between each attempt to execute a full dump. The default
	   is 120 seconds.

       nisplusResyncService

	   Type of NIS+ service to be provided by a replica during resync, that is, data transfer
	   from NIS+ master to NIS+ replica. This includes both partial and full resyncs.

	   from_copy

	       Service	is provided from a copy of the directory to be resynced  while the resync
	       is in progress. Rollback is  possible if an error occurs. Note that making a  copy
	       of  the	directory may require a significant amount of time, depending on the size
	       of the tables in the directory and available memory  on the system.

	   directory_locked

	       While the resync for a directory is in progress,  it  is  locked  against  access.
	       Operations  to the directory are blocked until the resync is done. Rollback is not
	       possible.

	   from_live

	       The replica database is updated in  place. Rollback is not possible. If there  are
	       dependencies  between  individual updates in the resync, clients may be exposed to
	       data inconsistencies   during the resync. In particular,  directories   or  tables
	       may disappear for a time during a full dump.

       nisplusUpdateBatching

	   How updates should be batched together on the master.

	   accumulate

	       Accumulate  updates for at least  nisplusUpdateBatchingTimeout seconds. Any update
	       that comes in before the timeout has occured will reset the timeout counter. Thus,
	       a  steady   stream of updates less than nisplusUpdateBatchingTimeout seconds apart
	       could delay pinging  replicas indefinitely.

	   bounded_accumulate

	       Accumulate updates for at least nisplusUpdateBatchingTimeout seconds. The  default
	       value  for  timeout  is	120  seconds.  Incoming  updates do not reset the timeout
	       counter, so replicas will be informed once the initial timeout has expired.

	   none

	       Updates are not batched.  Instead,   replicas  are  informed  immediately  of  any
	       update.	While this should  maximize data consistency between master and replicas,
	       it can also cause considerable overhead on both master and replicas.

       nisplusUpdateBatchingTimeout

	   The minimum time (in seconds) during which to accumulate  updates. Replicas	will  not
	   be pinged during this time.	The default is 120 seconds.

       nisplusLDAPmatchFetchAction

	   A  NIS+  match  operation,  that  is,  any search other than a table enumeration, will
	   encounter one of the following situations:

	       1.     Table believed to be entirely in cache, and all cached entries are known to
		      be valid. The cached  tabled data is authoritative for the match operation.

	       2.     Table  wholly or partially cached, but there may be individual entries that
		      have timed out.

	       3.     No cached entries for the table. Always attempt to retrieve  matching  data
		      from LDAP.
	   When  the  table  is  wholly or partially cached, the action for the nisplusLDAPmatch-
	   FetchAction attribute controls whether or not the LDAP repository is  searched:

	   no_match_only

	       Only go to LDAP when there is no match at all on the search of the available  NIS+
	       data, or the match includes at least one entry that has timed out.

	   always

	       Always make an LDAP lookup.

	   never

	       Never make an LDAP lookup.

       nisplusMaxRPCRecordSize

	   Sets  the  maximum  RPC  record size that NIS+ can use over connection oriented trans-
	   ports. The minimum record size is 9000, which is the default. The default  value  will
	   be used in place of any value less than 9000. The value of this attribute is a decimal
	   integer from 9000 to 2^31, inclusive.

   Storing Configuration Attributes in LDAP
       Most attributes described on this man page, as well as those from NIS+LDAPmapping(4),  can
       be  stored  in  LDAP. In order to do so, you will need to add the following definitions to
       your LDAP server, which are described here in LDIF format suitable for use by  ldapadd(1).
       The attribute and object class OIDs are examples only.

	 dn: cn=schema
	 changetype: modify
	 add: attributetypes
	 OIDattributetypes: ( 1.3.6.1.4.1.11.1.3.1.1.1 \
		   NAME 'defaultSearchBase' \
		   DESC 'Default LDAP base DN used by a DUA' \
		   EQUALITY distinguishedNameMatch \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.11.1.3.1.1.2 \
		   NAME 'preferredServerList' \
		   DESC 'Preferred LDAP server host addresses used by DUA' \
		   EQUALITY caseIgnoreMatch \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.11.1.3.1.1.6 \
		   NAME 'authenticationMethod' \
		   DESC 'Authentication method used to contact the DSA' \
		   EQUALITY caseIgnoreMatch \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )

	 dn: cn=schema
	 changetype: modify
	 add: attributetypes
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.0 \
		   NAME 'nisplusLDAPTLS' \
		   DESC 'Transport Layer Security' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.1 \
		   NAME 'nisplusLDAPTLSCertificateDBPath' \
		   DESC 'Certificate file' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.2 \
		   NAME 'nisplusLDAPproxyUser' \
		   DESC 'Proxy user for data store/retrieval' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.3 \
		   NAME 'nisplusLDAPproxyPassword' \
		   DESC 'Password/key/shared secret for proxy user' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.4 \
		   NAME 'nisplusLDAPinitialUpdateAction' \
		   DESC 'Type of initial update' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.5 \
		   NAME 'nisplusLDAPinitialUpdateOnly' \
		   DESC 'Exit after update ?' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.6 \
		   NAME 'nisplusLDAPretrieveErrorAction' \
		   DESC 'Action following an LDAP search error' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.7 \
		   NAME 'nisplusLDAPretrieveErrorAttempts' \
		   DESC 'Number of times to retry an LDAP search' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.8 \
		   NAME 'nisplusLDAPretrieveErrorTimeout' \
		   DESC 'Timeout between each search attempt' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.9 \
		   NAME 'nisplusLDAPstoreErrorAction' \
		   DESC 'Action following an LDAP store error' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.10 \
		   NAME 'nisplusLDAPstoreErrorAttempts' \
		   DESC 'Number of times to retry an LDAP store' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.11 \
		   NAME 'nisplusLDAPstoreErrorTimeout' \
		   DESC 'Timeout between each store attempt' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.12 \
		   NAME 'nisplusLDAPrefreshErrorAction' \
		   DESC 'Action when refresh of NIS+ data from LDAP fails' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.13 \
		   NAME 'nisplusLDAPrefreshErrorAttempts' \
		   DESC 'Number of times to retry an LDAP refresh' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.14 \
		   NAME 'nisplusLDAPrefreshErrorTimeout' \
		   DESC 'Timeout between each refresh attempt' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.15 \
		   NAME 'nisplusNumberOfServiceThreads' \
		   DESC 'Max number of RPC service threads' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.16 \
		   NAME 'nisplusThreadCreationErrorAction' \
		   DESC 'Action when a non-RPC-service thread creation fails' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.17 \
		   NAME 'nisplusThreadCreationErrorAttempts' \
		   DESC 'Number of times to retry thread creation' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.18 \
		   NAME 'nisplusThreadCreationErrorTimeout' \
		   DESC 'Timeout between each thread creation attempt' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.19 \
		   NAME 'nisplusDumpErrorAction' \
		   DESC 'Action when a NIS+ dump fails' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.20 \
		   NAME 'nisplusDumpErrorAttempts' \
		   DESC 'Number of times to retry a failed dump' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.21 \
		   NAME 'nisplusDumpErrorTimeout' \
		   DESC 'Timeout between each dump attempt' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.22 \
		   NAME 'nisplusResyncService' \
		   DESC 'Service provided during a resync' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.23 \
		   NAME 'nisplusUpdateBatching' \
		   DESC 'Method for batching updates on master' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.24 \
		   NAME 'nisplusUpdateBatchingTimeout' \
		   DESC 'Minimum time to wait before pinging replicas' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.25 \
		   NAME 'nisplusLDAPmatchFetchAction' \
		   DESC 'Should pre-fetch be done ?' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.26 \
		   NAME 'nisplusLDAPbaseDomain' \
		   DESC 'Default domain name used in NIS+/LDAP mapping' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.27 \
		   NAME 'nisplusLDAPdatabaseIdMapping' \
		   DESC 'Defines a database id for a NIS+ object' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.28 \
		   NAME 'nisplusLDAPentryTtl' \
		   DESC 'TTL for cached objects derived from LDAP' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.29 \
		   NAME 'nisplusLDAPobjectDN' \
		   DESC 'Location in LDAP tree where NIS+ data is stored' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.30 \
		   NAME 'nisplusLDAPcolumnFromAttribute' \
		   DESC 'Rules for mapping LDAP attributes to NIS+ columns' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
	 attributetypes: ( 1.3.6.1.4.1.42.2.27.5.42.42.18.31 \
		   NAME 'nisplusLDAPattributeFromColumn' \
		   DESC 'Rules for mapping NIS+ columns to LDAP attributes' \
		   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

	 dn: cn=schema
	 changetype: modify
	 add: objectclasses
	 objectclasses:  ( 1.3.6.1.4.1.42.2.27.5.42.42.19.0 \
		   NAME 'nisplusLDAPconfig' \
		   DESC 'NIS+/LDAP mapping configuration' \
		   SUP top STRUCTURAL MUST ( cn ) \
		   MAY ( preferredServerList $ defaultSearchBase $
		     authenticationMethod $ nisplusLDAPTLS $
		     nisplusLDAPTLSCertificateDBPath $
		     nisplusLDAPproxyUser $ nisplusLDAPproxyPassword $
		     nisplusLDAPinitialUpdateAction $
		     nisplusLDAPinitialUpdateOnly $
		     nisplusLDAPretrieveErrorAction $
		     nisplusLDAPretrieveErrorAttempts $
		     nisplusLDAPretrieveErrorTimeout $
		     nisplusLDAPstoreErrorAction $
		     nisplusLDAPstoreErrorAttempts $
		     nisplusLDAPstoreErrorTimeout $
		     nisplusLDAPrefreshErrorAction $
		     nisplusLDAPrefreshErrorAttempts $
		     nisplusLDAPrefreshErrorTimeout $
		     nisplusNumberOfServiceThreads $
		     nisplusThreadCreationErrorAction $
		     nisplusThreadCreationErrorAttempts $
		     nisplusThreadCreationErrorTimeout $
		     nisplusDumpErrorAction $
		     nisplusDumpErrorAttempts $
		     nisplusDumpErrorTimeout $
		     nisplusResyncService $ nisplusUpdateBatching $
		     nisplusUpdateBatchingTimeout $
		     nisplusLDAPmatchFetchAction $
		     nisplusLDAPbaseDomain $
		     nisplusLDAPdatabaseIdMapping $
		     nisplusLDAPentryTtl $
		     nisplusLDAPobjectDN $
		     nisplusLDAPcolumnFromAttribute $
		     nisplusLDAPattributeFromColumn ) )

       Create  a  file containing the following LDIF data. Substitute your actual search base for
       searchBase, and your fully qualified domain name for domain:

	 dn: cn=domain,searchBase
	 cn: domain
	 objectClass: top
	 objectClass: nisplusLDAPconfig

       Use this file as input to the ldapadd(1) command in order to create the NIS+/LDAP configu-
       ration entry. Initially, the entry  is empty. You can use the ldapmodify(1) command to add
       configuration attributes.

EXAMPLES
       Example 1 Creating a NIS+/LDAP Configuration Entry

       To set the nisplusNumberOfServiceThreads attribute to 32, create the  following	file  and
       use it as input to ldapmodify(1):

	 dn: cn=domain,searchBase
	 nisplusNumberOfServiceThreads: 32

ATTRIBUTES
       See attributes(5)  for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWnisr			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |(Obsolete)		   |
       +-----------------------------+-----------------------------+

SEE ALSO
       nisldapmaptest(1M), rpc.nisd(1M), NIS+LDAPmapping(4), attributes(5)

       System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP)

SunOS 5.11				   18 Feb 2003				      rpc.nisd(4)


All times are GMT -4. The time now is 03:41 AM.

Unix & Linux Forums Content Copyrightę1993-2018. All Rights Reserved.
UNIX.COM Login
Username:
Password:  
Show Password