What about setting some nsswitch.conf entries (e.g. protocols/services) to one source (NIS) and others (passwd/group) to another (LDAP) and yet others (hosts) to another (DNS)? I would expect this to be less problematic but greatly help in migrating map by map over from NIS to LDAP. Piecemeal versus big bang.

passwd:     files ldap
group:      files ldap
hosts:      files dns
networks:   nis [NOTFOUND=return] files
protocols:  nis [NOTFOUND=return] files
rpc:        nis [NOTFOUND=return] files

Is this also not supported and a big "don't do that!"?

- mo


On 20 Mar 2008, at 10:00 pm, Doug Leavitt wrote:
Having two major naming services in the same configuration has never been a Sun supported configuration. Primarily because the naming service administration tools do not deal with this. One of the objectives of the duckwater project is to fix the naming configuration and management issue, which will help here.

The second reason that it's not been supported is because prior to the delivery of sparks, we did not have a test suite that could test combinations of backends, and there were bugs that did not make it always work.

Part of the delivery of sparks (snv_50) was to deliver a test suite that tested combinations, and sparks also fixed some internal problems that existed prior
in certain combinations.

Once duckwater delivers, we may re-assess our position on supporting this
type of configuration.

I doubt we will ever recommend such a configuration, because there are plenty of reasons not to do this, including security and account authority issues.

Today, we still don't regularly test nis & nisplus together, although we do know it's technically possible now that the code is fixed.

Doug.

Edwin Goei wrote:
Is it possible to use two networked databases at the same time in
nsswitch.conf? I've got a client machine using an existing NIS database in nsswitch. I'd like to add additional entries to the passwd database so that I can provide sshd access to a mercurial repository for a large number of accounts. These entries would be provided by an ldap server on
a different host. Essentially, I would like to modify my existing
NIS-based nsswitch with "passwd: files nis ldap". I was able to get ldap to work via ldapclient but when I turn the NIS client back on, I get
this error in the log:

[ Mar 19 07:44:22 Enabled. ]
[ Mar 19 07:44:22 Executing start method ("/lib/svc/method/yp"). ]
/lib/svc/method/yp: /var/yp/binding/tools.sfbay.sun.com is not a directory
[ Mar 19 07:44:22 Method "start" exited with status 96. ]

Any ideas?

It doesn't seem to be possible to use two LDAP backends, but it may be possible to have an LDAP server both provide LDAP and NIS entries. Has
anyone gotten something like this to work?

-Edwin
_______________________________________________
sysadmin-discuss mailing list
[EMAIL PROTECTED]
http://mail.opensolaris.org/mailman/listinfo/sysadmin-discuss
_______________________________________________
opensolaris-discuss mailing list
opensolaris-discuss@opensolaris.org
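
The two layouts discussed in this thread (a per-map split between NIS and LDAP, and "passwd: files nis ldap") can be told apart mechanically. The following is an added example, not code from any poster or from Solaris: it parses nsswitch.conf text and reports which directory service answers for which map, which maps have more than one directory behind them, and which sources sit behind a [NOTFOUND=return]. The names DIRECTORY, ACCOUNT_DBS, parse_nsswitch and audit, and the choice of which sources count as directory services, are assumptions made for the example.

```python
import re

# Assumption: these are the "major naming services" the thread means; dns is left out.
DIRECTORY = {"nis", "nisplus", "ldap"}
ACCOUNT_DBS = {"passwd", "group", "shadow"}  # maps that decide who a user is
# Constructed sample: the per-map split from the thread plus "passwd: files nis ldap".
SAMPLE = """\
passwd:     files nis ldap
group:      files ldap
hosts:      files dns
networks:   nis [NOTFOUND=return] files
protocols:  nis [NOTFOUND=return] files
"""

def parse_nsswitch(text):
    """Return {database: [(source, {STATUS: action}), ...]} in lookup order."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if ":" not in line:
            continue
        db, rest = line.split(":", 1)
        entries = []
        # Each token is a source name or a [STATUS=action ...] list for the source before it.
        for tok in re.findall(r"\[[^\]]*\]|[^\s\[\]]+", rest):
            if not tok.startswith("["):
                entries.append((tok.lower(), {}))
            elif entries:
                for pair in tok[1:-1].split():
                    status, _, action = pair.partition("=")
                    entries[-1][1][status.upper()] = action.lower()
        table[db.strip().lower()] = entries
    return table

def audit(table):
    """Report which directory service answers for which map, and where they overlap."""
    report = {"services": {}, "multi_backend": [], "account_overlap": [], "fallback_only": []}
    for db, entries in table.items():
        remote = [src for src, _ in entries if src in DIRECTORY]
        for src in remote:
            report["services"].setdefault(src, []).append(db)
        if len(remote) > 1:  # two directories can both define the same entry
            report["multi_backend"].append(db)
            if db in ACCOUNT_DBS:
                report["account_overlap"].append(db)
        for (src, crit), (nxt, _) in zip(entries, entries[1:]):
            if crit.get("NOTFOUND") == "return":  # nxt is consulted only if src does not answer
                report["fallback_only"].append((db, nxt))
    return report
```

Calling audit(parse_nsswitch(SAMPLE)) lists passwd under account_overlap, while the per-map entries show up only under services, one directory each.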
