diff options
| author | Nalin Dahyabhai <nalin.dahyabhai@pobox.com> | 2009-06-17 15:44:31 -0400 |
|---|---|---|
| committer | Nalin Dahyabhai <nalin.dahyabhai@pobox.com> | 2009-06-17 15:44:31 -0400 |
| commit | 85279ca2a378d6484ab83ad1ac3bc87a0cac8409 (patch) | |
| tree | 7f4d76e38733bbf774c2f2326294083face6afb2 | |
| parent | a8ed2f47afe789dbd30f0ad804cab3ffa919081b (diff) | |
- list map names in non-nickname form
- explicitly mention all of the maps that a ypserv-based server would
try to provide
| -rw-r--r-- | doc/nis-migration.txt | 39 |
1 files changed, 27 insertions, 12 deletions
diff --git a/doc/nis-migration.txt b/doc/nis-migration.txt index d77501c..dff2c9c 100644 --- a/doc/nis-migration.txt +++ b/doc/nis-migration.txt @@ -4,15 +4,29 @@ There are a number of well-known maps which a typical NIS deployment includes, and for most of these, there's typically just one schema which is used to represent that sort of information in the directory. -Map Object Class ------------------- ------------ -passwd posixAccount -group posixGroup -netgroup nisNetgroup -services ipService -networks ipNetwork -protocols ipProtocol -hosts ipHost +Map Object Class +----------------------------------------------- ------------- +passwd.byname,passwd.byuid posixAccount +group.byname,group.bygid posixGroup +netgroup,netgroup.byhost,netgroup.byuser [1] nisNetgroup +services.byname,services.byservicename ipService +networks.byaddr,networks.byname ipNetwork +protocols.byname,protocols.bynumber ipProtocol +hosts.byname,hosts.byaddr ipHost +rpc.byname,rpc.bynumber oncRpc +ethers.byname,ethers.byaddr ieee802Device +netid (none) [2] +publickey.byname (none) [3] +mail.aliases (none) [3] +timezone.byname (none) [3] +locale.byname (none) [3] +netmasks.byaddr ipNetwork(?) + +[1] netgroup.byhost and netgroup.byuser appear to be unused by glibc +[2] usually computed when tables are built; there is no specific + counterpart object class in a directory +[3] there is no specific counterpart object class in rfc2307, but + nisObject could be used Shadow password information is also frequently kept in a directory, but if a directory is capable of performing password policy enforcement at @@ -24,10 +38,11 @@ which is then imported into the directory. The script is typically also supplied a DN to be used when constructing the DNs for entries whose LDIF it outputs. -Because IPA already has access to a directory, we can provide a smarter +As far as IPA is concerned, we already have access to a directory and we +already know its schema, so we can provide a smarter tool which can do these things: -* automatically determine the right superior DN to use -* use exactly the right schema for an IPA server + * automatically determine the right superior DN to use + * use exactly the right schema for an IPA server It may even go so far as to add entries to the server directly. There's one wrinkle here: automount maps. Generally, an automount map |