System Administration Commands nisldapmaptest(1M)
NAME
nisldapmaptest - test NIS] and LDAP mapping configuration
files
SYNOPSIS
nisldapmaptest [-s -r -d] [-l -t object] [-v] [-i]
[-o] [-m conffile] [-x attr=val...] [ col=val]...
DESCRIPTION
Use the nisldapmaptest utility to test NIS] to LDAP mapping
configuration files. See NIS]LDAPmapping(4). The nisldapmap-
test utility uses much of the same internal interface as the
rpc.nisd(1M) does to read, add, modify, or delete LDAP
data, as specified by the column name and value operand
pairs. nisldapmaptest does not read or modify any of the
rpc.nisd(1M) database files.
See for details on important differences between the ways
that nisldapmaptest and rpc.nisd(1M) operate on LDAP data.
OPTIONS
The nisldapmaptest utility supports the following options:
-d Delete data in LDAP.
-i Ignore failures when obtaining information
from the NIS] server. This enables
nisldapmaptest to work to some extent,
even if the NIS] server is unreachable, or
if the system is not a NIS] client. How-
ever, NIS] lookups are still attempted,
so there may be NIS] error messages.
In this mode, nisldapmaptest also tries to
guess things such as NIS] object types
and derives table column information from
the mapping rules in the configuration
files. Avoid using the -i option to add,
modify, or delete, until you have deter-
mined that the nisldapmaptest's guesses
are adequate for your needs.
-l Parse the configuration file into internal
data structures, and then print out the
configuration per those structures. Note
that the printed data is not in confi-
guration file format.
SunOS 5.11 Last change: 5 Dec 2001 1
System Administration Commands nisldapmaptest(1M)
Either -l or -t must be specified. If both
are present, -l is ignored.
-m conffile Specify the name of the NIS]LDAPmapping(4)
configuration file. The default directory
is /var/nis , and the default mapping file
is NIS]LDAPmapping.
-o For NIS] tables, work on the NIS] object
itself, specified by means of the -t
option, not on the table entries.
-r Replace or add data in LDAP.
-s Search for data in LDAP. This is the
default.
-t object Specify the NIS] object on which to
operate. If the object name is not fully
qualified, that is, it does not end in a
dot, the value of the nisplusLDAP-
baseDomain attribute is appended.
-v Set the verbose flag. This flag produces
extra diagnostic information.
-x attr=val... Specify mapping attribute and value pairs
to override those obtained by means of
the configuration file. Although any
attributes defined on NIS]LDAPmapping(4)
or rpc.nisd(4) can be specified, the ones
that control rpc.nisd(1M) operation have
no effect on nisldapmaptest.
OPERANDS
The following operands are supported:
col=val... NIS] column and value pairs used to specify
which entries should be looked up, added,
modified, or deleted. For additions and modif-
ications, use col=val to specify the new
values.
SunOS 5.11 Last change: 5 Dec 2001 2
System Administration Commands nisldapmaptest(1M)
EXAMPLES
Example 1 Searching for a User
Use the following example to search for the user xyzzy in
the LDAP container specified for the passwd.orgdir table.
example% nisldapmaptest -t passwd.orgdir name=xyzzy
Example 2 Listing Table Entries
Use the following example to list all entries in the con-
tainer specified for the services.orgdir table.
example% nisldapmaptest -t services.orgdir
Example 3 Listing an Object
Use the following example to list the services.orgdir
object itself, as it is stored in LDAP.
example% nisldapmaptest -o -t services.orgdir
Example 4 Modifying a Table Entry
Use the following example to modify the membership list of
the group grp, in the container specified for the
group.orgdir table, to be mem1, mem2, and mem3.
example% nisldapmaptest -r -t group.orgdir name=grp \
members=mem1,mem2,mem3
Example 5 Deleting a Table Entry
Use the following example to delete the host called bad from
the container specified for the hosts.orgdir table.
SunOS 5.11 Last change: 5 Dec 2001 3
System Administration Commands nisldapmaptest(1M)
example% nisldapmaptest -d -t hosts.orgdir name=bad
EXIT STATUS
The following exit values are returned:
0 The requested operation was successful.
!= 0 An error occurred.
FILES
/var/nis/NIS]LDAPmapping.template
/etc/default/rpd.nisd
ATRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
ATRIBUTE TYPE ATRIBUTE VALUE
Availability SUNWnisr
Interface Stability Obsolete
SEE ALSO
rpc.nisd(1M), NIS]LDAPmapping(4), rpc.nisd(4), attributes(5)
NOTES
There are several differences between the ways that nisldap-
maptest and rpc.nisd operate:
1. nisldapmaptest obtains information about NIS] by
means of the NIS] API calls, while rpc.nisd looks
in its internal database. Thus, if the NIS] server
is not available, nisldapmaptest may be unable to
determine NIS] object types or table column infor-
mation.
SunOS 5.11 Last change: 5 Dec 2001 4
System Administration Commands nisldapmaptest(1M)
2. While nisldapmaptest can add, modify, or delete
LDAP data, it does not modify any NIS] data.
3. When operating on table entries, if nisldapmaptest
is unable to obtain the entry from NIS], it com-
poses LDAP operations using only the supplied
col=val operands. Depending on the mapping used,
this can result in extra LDAP operations, for exam-
ple, attempting to obtain a DN for add, modify, or
delete.
4. The default value for nisplusLDAPbaseDomain is the
system domain name per sysinfo(2) in nisldapmap-
test, but the internal notion of the domain it
serves in rpc.nisd. While the two usually are the
same, this is not necessarily always the case.
5. When more than one NIS] entry maps to a single LDAP
entry, nisldapmaptest may be unable to perform a
complete update, unless you make sure that the
col=val specification picks up all relevant NIS]
entries. For example, if you have the
services.orgdir NIS] entries:
cname name proto port
x x tcp 12345
x y tcp 12345
x z tcp 12345
then specifying cname=x will pick up all three
entries and create or modify the corresponding LDAP
entry to have three CN values: x, y, and z. How-
ever, specifying name=x will match just the first
NIS] entry, and create or modify the LDAP entry to
have just one CN: x.
SunOS 5.11 Last change: 5 Dec 2001 5
|
