The information in this document is subject to change without notice.
Hewlett-Packard makes no warranty of any kind with regard to this
manual, including, but not limited to, the implied warranties of
merchantability and fitness for a particular purpose. Hewlett-Packard
shall not be held liable for errors contained herein or direct, indirect,
special, incidental or consequential damages in connection with the
furnishing, performance, or use of this material.
Warranty
A copy of the specific warranty terms applicable to your Hewlett-Packard
product and replacement parts can be obtained from your local Sales and
Service Office.
U.S. Government License
Proprietary computer software. Valid license from HP required for
possession, use or copying. Consistent with FAR 12.211 and 12.212,
Commercial Computer Software, Computer Software Documentation,
and Technical Data for Commercial Items are licensed to the U.S.
Government under vendor's standard commercial license.
Copyright Notices
Copyright 2006 Hewlett-Packard Company L.P. All rights reserved.
Reproduction, adaptation, or translation of this document without prior
written permission is prohibited, except as allowed under the copyright
laws.
Trademark Notices
UNIX is a registered trademark in the United States and other
countries, licensed exclusively through The Open Group.
NIS is a trademark of Sun Microsystems, Inc.
Netscape and Netscape Directory Server are registered trademarks of
Netscape Communications Corporation in the United States and other
countries. Other product and brand names are trademarks of their
respective owners.
The latest version of this document can be found on line at:
http://www.docs.hp.com
This document describes the migration procedures used to migrate the
NIS+ server to the LDAP directory server and to install LDAP-UX Client
Services on HP-UX NIS+ clients.
The document printing date and part number indicate the document’s
current edition. The printing date will change when a new edition is
printed. Minor changes may be made at reprint without changing the
printing date. The document part number will change when extensive
changes are made.
Document updates may be issued between editions to correct errors or
document product changes. To ensure that you receive the updated or
new editions, you should subscribe to the appropriate product support
service. See your HP sales representative for details.
Intended Audience
This document is intended for system and network administrators that
have experience using the NIS+, Netscape Directory Server and
LDAP-UX Integration product and have detailed knowledge of how the
products are deployed in your organization. To successfully migrate from
NIS+ environment to LDAP-UX Integration environment, you must
understand product features and operation of LDAP-UX Client Services
and Netscape Directory Server for HP-UX.
Publishing History
Table 1 Publishing History

Document Manufacturing Part Number   Operating Systems Supported   Supported Product Versions   Publication Date
J4269-90047                          11i v1 and v2                 B.04.00                      June, 2005
J4269-90050                          11i v1 and v2                 B.04.00                      August, 2005
J4269-90054                          11i v1 and v2                 B.04.00                      June, 2006
What’s in This Document
This manual describes migration procedures you take to migrate the
NIS+ servers to the LDAP directory server and to install the LDAP-UX
Client Services on NIS+ clients.
The manual is organized as follows:
Chapter 1  Migration Overview. Use this chapter for a migration
overview, a high level overview of the LDAP-UX Integration product,
and feature and security comparisons between LDAP-UX and NIS+.
Chapter 2  Migrating NIS+ to LDAP. Use this chapter to learn how to
migrate NIS+ service data from the NIS+ server to the LDAP directory
server, and how to install LDAP-UX Client Services on the NIS+ clients.
Chapter 3  Command and Tool Reference. Use this chapter to learn about
the migration tools used to migrate NIS+ service data to the Netscape
Directory Server.
HP Encourages Your Comments
HP encourages your comments concerning this document. We are truly
committed to providing documentation that meets your needs.
Please send comments to: netinfo_feedback@cup.hp.com
Please include document title, manufacturing part number, and any
comments, errors found, or suggestions for improvement you have
concerning this document. Also, please include what we did right so we
can incorporate it into other documents.
1 Overview of NIS+ to LDAP Migration
This chapter provides the migration overview, a high level overview of
what the LDAP-UX Integration product is, and feature and security
comparisons between LDAP-UX and NIS+. It contains the following
sections:
• “Migration Overview” on page 2
• “Overview of the LDAP-UX Integration Product” on page 4
• “Comparing Features and Security Between LDAP-UX and NIS+” on page 5
• “Comparing LDAP and NIS+ Information Sharing” on page 9
• “LDAP-UX Client Administrator’s Tools And Migration Scripts” on page 12
Migration Overview
The LDAP-UX Integration product version 4.0 delivers functionality that
replaces NIS+, so that the LDAP-UX Integration product is used in place
of the features NIS+ provided. As a consequence of this evolution, the
NIS+ Client and Server products will no longer be released as part of
the HP-UX 11i v3 release. The LDAP-UX Integration product is the
recommended replacement for NIS+. To plan for NIS+ obsolescence, if you
are running NIS+, you will need to migrate your NIS+ environment to
LDAP-UX Integration.
The migration to LDAP-UX Integration includes converting the NIS+
server to an LDAP directory server, migrating the NIS+ tables to the
LDAP directory and installing the LDAP-UX Client Services on all NIS+
clients.
HP is providing the LDAP-UX Integration product version B.04.00
including the migration package on HP-UX 11i v3. This migration
package runs on HP-UX 11i v1 and v2 systems via the web release on
June, 2005. You can plan and perform the migration at your earliest
convenience and do not need to wait until updating to HP-UX 11i v3 to
perform the migration.
Before you update the NIS+ server system to HP-UX 11i v3 or at the
time of the update, you need to install and configure an LDAP directory,
then migrate the NIS+ server data to the LDAP directory server. At the
time of the migration, if you desire load balancing, you can turn off the
NIS+ replica servers and reconfigure them to become LDAP replica
servers. After the NIS+ servers are migrated to the LDAP directory
server, you need to install and configure LDAP-UX Client Services
B.04.00 on all NIS+ client systems.
This migration guide documents the migration procedures you take to
migrate the NIS+ server to the LDAP directory server and to install the
LDAP-UX Client Services on all NIS+ clients.
NIS+ client software will not be supported or provided on HP-UX 11i v3.
If updating a system running the NIS+ client to HP-UX 11i v3 from an
earlier operating system version, you must reconfigure the
/etc/nsswitch.conf file to use another service for name resolution at
the time the system is updated to HP-UX 11i v3. Name resolution
services include ldap, nis, dns and files.
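The /etc/nsswitch.conf reconfiguration described above, as an added example in Python that is not part of this guide: it parses a constructed pre-migration nsswitch.conf, lists every database that still names nisplus as a source, and rewrites those lines to use ldap instead. The file content is constructed; on a real system you would read /etc/nsswitch.conf itself and review the result before installing it.

```python
"""Audit an nsswitch.conf for lingering NIS+ lookups and rewrite them.

Added example (not from the HP guide). It parses the database/source
lines, reports every database that still names "nisplus" as a source,
and shows each such line rewritten with "ldap" in its place.
"""
import re

# Constructed sample: a pre-migration nsswitch.conf mixing files and nisplus.
SAMPLE_NSSWITCH = """\
# /etc/nsswitch.conf (constructed sample, pre-migration)
passwd:    files nisplus
group:     files nisplus
hosts:     files dns nisplus
services:  files nisplus
netgroup:  nisplus
automount: files nisplus
"""

# database name, colon, then the whitespace-separated source list
_LINE = re.compile(r"^\s*([A-Za-z_]+)\s*:\s*(.*?)\s*$")


def parse_nsswitch(text):
    """Return {database: [source tokens]} for each non-comment line."""
    dbs = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()   # strip trailing comments
        if not line:
            continue
        m = _LINE.match(line)
        if not m:
            continue
        # Status actions such as [NOTFOUND=return] stay as their own tokens.
        dbs[m.group(1)] = m.group(2).split()
    return dbs


def databases_using(text, source="nisplus"):
    """List the databases whose source list still contains `source`."""
    return sorted(db for db, srcs in parse_nsswitch(text).items() if source in srcs)


def rewrite_source(text, old="nisplus", new="ldap"):
    """Replace `old` with `new` in every source list, keeping comments,
    blank lines and the order of the remaining sources intact."""
    out = []
    for raw in text.splitlines():
        m = _LINE.match(raw.split("#", 1)[0])
        if m and old in m.group(2).split():
            srcs = [new if s == old else s for s in m.group(2).split()]
            seen, deduped = set(), []
            for s in srcs:                      # drop a duplicate if `new` was already listed
                if s not in seen:
                    seen.add(s)
                    deduped.append(s)
            out.append("%-10s %s" % (m.group(1) + ":", " ".join(deduped)))
        else:
            out.append(raw)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    print("databases still using nisplus:", databases_using(SAMPLE_NSSWITCH))
    print(rewrite_source(SAMPLE_NSSWITCH))
```

The rewrite keeps files ahead of ldap where the original listed files first, so local root and system accounts continue to resolve even when the directory server is unreachable.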
NOTE: Any user applications that are calling NIS+ APIs directly without using
the Name Service Switch (NSS) must be modified to call the
corresponding LDAP APIs to do the same task. The LDAP-UX
Integration product supports Mozilla LDAP SDK. The Mozilla LDAP
SDK is a Software Development Kit that contains a set of LDAP
Application Programming Interfaces (APIs) to build LDAP-enabled
clients. The functionality implemented in the SDK closely follows the
interface outlined in RFC 2251, the Lightweight Directory Access
Protocol (v3).
For detailed information on how to use the LDAP API functions
contained in the Mozilla LDAP SDK, and how to enable your client
applications to connect to the LDAP servers, refer to Mozilla LDAP C
SDK Programmer’s Guide at
http://www.mozilla.org/directory/csdk-docs/.
Documentation References
To successfully migrate from a NIS+ environment to an LDAP-UX Integration
environment, you must understand product features and
operation of LDAP-UX Client Services and Netscape Directory Server for
HP-UX. For detailed procedures on how to set up, install and configure
LDAP-UX Client Services and Netscape Directory Server, please consult
one or more of the following references at
The LDAP-UX Integration product uses the Lightweight Directory
Access Protocol (LDAP) to centralize user, group and network
information management in an LDAP directory. The LDAP-UX
Integration product includes the following subproducts:
• LDAP-UX Client Services. Provides both an LDAP-based Pluggable
Authentication Module (PAM) and Name Service Switch (NSS)
module.
— PAM is the Pluggable Authentication Module, which allows the
HP-UX OS and its applications to perform authentication of
users without detailed knowledge about the particular method
used to manage user data (LDAP, Kerberos, the /etc/passwd file,
and so on).
— NSS is the Name Service Switch, which is a pluggable name
resolution service. It is used by various C library APIs, such as
getpwnam() and others, to discover user, group and other
POSIX-related information.
• LDAP-UX Client Administrator’s Tools and Migration Scripts. These
administrator’s tools manage data in the LDAP directory server. The
migration scripts are used to migrate NIS or NIS+ service data to
LDIF files or to the LDAP directory.
• Mozilla LDAP Software Development Kit (SDK). This kit contains
the LDAP Application Programming Interfaces (APIs) for building
LDAP-enabled clients.
LDAP Directory Server and LDAP-UX Client Services
LDAP directory servers provide services to their clients as a data
repository to centralize and to delegate the administration of
applications, networks, and user data.
The LDAP directory server offers the following security features:
• Centralized management of user, group, and network information.
• Centralized authentication of HP-UX PAM-enabled applications and
LDAP-enabled enterprise applications.
• Host access control of individual users or groups.
• Enforcement of global account and password policies.
• Data privacy using SSL encryption.
• Co-existence with HP-UX Trusted Mode and shadow passwords.
LDAP-UX Client Services simplifies HP-UX system administration by
consolidating account, group and other configuration information into a
central LDAP directory server. The LDAP-UX Client Services product
works with a variety of LDAP v3 capable directory servers and is fully
tested with the Netscape Directory Server and the Windows 2000/2003
Active Directory Servers.
For detailed information on the integration of LDAP-UX Client Services
with the Netscape Directory Server for HP-UX version 6.x, refer to
LDAP-UX Client Services Administrator’s Guide at http://docs.hp.com.
For detailed information on the integration of LDAP-UX Client Services
with the Windows 2000/2003 Active Directory Server, refer to LDAP-UX
Client Services with Microsoft Windows 2000/2003 Administrator’s
Guide at http://docs.hp.com.
Comparing Features and Security Between
LDAP-UX and NIS+
This section describes the LDAP-UX and NIS+ features and security
comparisons.
Feature Comparison Between LDAP and NIS+
Both NIS+ and LDAP server provide services to their clients as a data
repository. The NIS+ server supports SecureRPC with Diffie-Hellman
authentication. The LDAP directory server not only provides
authentication, but also uses access control when the clients attempt to
access the database. The LDAP server provides global account and
password policies to LDAP-enabled clients and applications. There are
some feature differences between LDAP and NIS+.
Table 1-1 compares features between LDAP and NIS+:
Table 1-1 Features Comparison between LDAP and NIS+

Feature                          NIS+   LDAP
hierarchical data                yes    yes
dynamic updates                  yes    yes
dynamic replication              yes    yes
access control list              yes    yes
complex data                     no     yes
multiple master replication      no     yes
trusted system mode on HP-UX     yes    yes (a)
account/password policies        yes    yes

a. LDAP-UX Client Services version B.03.30 or later supports
coexistence with Trusted Mode.
Security Comparison Between LDAP-UX and NIS+
This section describes the security comparison between NIS+ and LDAP
as follows:
• NIS+ uses SecureRPC with Diffie-Hellman authentication. This
mechanism uses public/private key pairs that are 192 bits long. It
is an old mechanism that has been shown to be easily compromised.
• With the LDAP-UX product, the HP-UX operating system can use an
LDAP directory for centralized security policy enforcement,
authentication and authorization. LDAP-UX supports simple and
SASL Digest-MD5 for user and proxy authentication. SSL is also
supported for secured communication between an LDAP client and
the directory server. With SSL support, the LDAP-UX Client
provides a more secure way to protect the password over the
network. SSL is a more robust scheme than SecureRPC.
• NIS+ can hide passwords from users and supports Trusted Mode to
offer extensive password and account policies. But the passwords
are sent in clear text over the network.
With LDAP support, passwords can be hidden from users. Passwords
may also be hashed to protect them. The LDAP directory server
supports UNIX-crypt, SHA, and SSHA hashing methods. Although
SASL Digest-MD5 protects passwords over the network during
authentication, it requires passwords to be stored in clear text
in the directory server.
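As an added illustration of the hashing schemes just listed (not code from this guide or from the directory server), the Python below generates {SHA} and {SSHA} userPassword values and verifies a candidate password against them the way a server does on a simple bind; it also handles a clear-text value, the storage form Digest-MD5 requires, so the three cases can be compared side by side. The passwords and the fixed salt are constructed sample values; UNIX-crypt is left out because it depends on the platform's crypt(3).

```python
"""Generate and verify {SHA}, {SSHA} and clear-text userPassword values.

Added example, not code from the HP guide or the directory server.
It shows why salted SSHA is preferable to unsalted SHA for stored
passwords, and includes the check a server performs on a simple bind.
"""
import base64
import hashlib
import hmac
import os

SHA1_LEN = 20   # SHA-1 digests are 20 bytes; the rest of an SSHA value is salt


def make_sha(password):
    """{SHA}: unsalted SHA-1 of the password, base64 encoded.
    Two users with the same password get the same stored value, so one
    precomputed table attacks every such account at once."""
    digest = hashlib.sha1(password.encode("utf-8")).digest()
    return "{SHA}" + base64.b64encode(digest).decode("ascii")


def make_ssha(password, salt=None):
    """{SSHA}: SHA-1 over password||salt, stored as base64(digest||salt).
    A random per-entry salt makes every stored value unique."""
    if salt is None:
        salt = os.urandom(8)
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def verify(stored, password):
    """Check a candidate password against a {SSHA}, {SHA} or clear-text
    userPassword value, using constant-time comparison."""
    if stored.startswith("{SSHA}"):
        raw = base64.b64decode(stored[len("{SSHA}"):])
        digest, salt = raw[:SHA1_LEN], raw[SHA1_LEN:]
        candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
        return hmac.compare_digest(candidate, digest)
    if stored.startswith("{SHA}"):
        raw = base64.b64decode(stored[len("{SHA}"):])
        candidate = hashlib.sha1(password.encode("utf-8")).digest()
        return hmac.compare_digest(candidate, raw)
    # Clear-text storage (what SASL Digest-MD5 needs on the server side):
    # anyone who can read the attribute has the password itself.
    return hmac.compare_digest(stored.encode("utf-8"), password.encode("utf-8"))


def same_password_collides(scheme):
    """True if two accounts sharing a password store identical values.
    `scheme` is one of the make_* functions above."""
    return scheme("Sample-Pass-1") == scheme("Sample-Pass-1")   # constructed sample


if __name__ == "__main__":
    for scheme in (make_sha, make_ssha):
        print(scheme.__name__, scheme("Sample-Pass-1"),
              "identical for identical passwords:", same_password_collides(scheme))
```

The collision check is the practical difference between the two schemes: with {SHA} a dump of the directory reveals which accounts share a password and lets one precomputed table cover all of them, while {SSHA} forces a separate computation per entry.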
Table 1-2 compares security between LDAP-UX and NIS+:
Table 1-2 Security Comparison between LDAP-UX and NIS+

Security                                 NIS+ with Trusted Mode   LDAP-UX Coexisting with Trusted Mode
last login reporting                     yes                      local accounts only
auditing                                 yes                      yes
account expiration                       yes                      (a)
administrative account lock              yes                      (a)
lock account due to max failed logins    yes                      (a)
option to disallow null passwords        yes                      (a)
auto-generated passwords                 yes                      (a)
password history                         yes                      (a)
boot authentication                      local accounts only      local accounts only
lock device due to max failed logins     yes                      local accounts only
time-of-day login restrictions           yes                      (a)
who last changed the password            yes                      (a)
long passwords                           local accounts only      (a)

a. Enforced by Trusted Mode for local accounts. Enforced by the LDAP
server for LDAP accounts.
Trusted Mode
NIS+ supports Trusted Mode to provide extensive password and audit
policies for local accounts. LDAP-UX Client Services version B.03.30 or
later supports coexistence with Trusted Mode system. Local-based
accounts can benefit from the Trusted Mode security policies, while
LDAP-based accounts benefit from the security policies offered by the
LDAP server. Having Trusted Mode support also enables LDAP-based
and local-based accounts to be audited in Trusted mode.
The coexistence of LDAP-UX with a Trusted Mode system has
limitations and usage requirements. For detailed information, refer to
the “Integrating with Trusted Mode” section in the LDAP-UX Client
Services Administrator’s Guide at http://docs.hp.com.
Comparing LDAP and NIS+ Information Sharing
Traditionally, HP-UX account and configuration information is stored in
text files like /etc/passwd and /etc/group. NIS+ is used to ease system
administration by sharing the information across systems on the
network. With NIS+, account and configuration information resides on
NIS+ servers. NIS+ client systems retrieve this shared information
across the network from NIS+ servers, as shown in Figure 1-1.
Figure 1-1 A Simplified NIS+ Environment

[Figure 1-1: an NIS+ Master Server sends map transfers to two NIS+
Replica Servers; three NIS+ Clients send NIS+ requests to the servers.]
LDAP-UX Client Services improves on this configuration information
sharing. User, group, and other network operating system configuration
information can be integrated with other identity information in other
organization-wide applications. The account and configuration
information is stored in an LDAP directory. Client systems retrieve this
shared configuration information across the network from the LDAP
directory. In addition, LDAP adds greater scalability, interoperability
with other applications and platforms, and less network traffic from
replica updates. Figure 1-3 shows a simplified LDAP-UX Client Services
Environment.
[Figure 1-3: A Simplified LDAP-UX Client Services Environment. An LDAP
Directory Server holds user account, netgroup, services, automount and
security data; LDAP-UX Clients send LDAP requests to it; updates flow
to an LDAP Directory Server Replica.]

LDAP-UX Client Services supports the following name service data:
passwd, groups, hosts, rpc, services, networks, protocols, printers,
netgroup, automount and public key.
How LDAP-UX Client Services Work
LDAP-UX Client Services works by leveraging the authentication
mechanism provided in the Pluggable Authentication Module (PAM) and
the naming services provided by the Name Service Switch (NSS).
Refer to pam(3) and pam.conf(4) and to Managing Systems and
Workgroups: A Guide For System Administrators at
http://docs.hp.com/hpux/os/11iv2/ for more information on PAM.
For information on NSS, refer to switch(4) and “Configuring the Name
Service Switch” in the NFS Services Administrator’s Guide at
http://docs.hp.com.
These extensible mechanisms enable you to install and use new
authentication methods and new name services without changing the
underlying HP-UX commands. With the PAM architecture support, the
HP-UX client becomes truly integrated in the LDAP environment.
The PAM_LDAP library enables the HP-UX system to use the LDAP server as
a trusted server for authentication. This means that passwords can be
stored in any syntax, and also that passwords can remain hidden from
view (preventing an offline attack on the stored password hashes).
Because passwords can be stored in any syntax, HP-UX is able to share
passwords with other LDAP-enabled applications.
LDAP-UX Client Administrator’s Tools And Migration Scripts
Table 1-3 shows a list of the LDAP-UX client administrator’s tools. These
tools can be used to manage data in an LDAP directory server.
Table 1-3 LDAP Administrator’s Tools

Tool          Description
ldapdelete    Allows you to delete entries in the directory.
ldapmodify    Allows you to add, delete, modify, or rename directory
              entries. All operations are specified using LDIF update
              statements.
ldappasswd    Changes passwords in the LDAP directory.
ldapsearch    Allows you to search the LDAP directory. Returns results
              in LDIF format.

Table 1-4 shows the migration scripts; they can be found under
/opt/ldapux/migrate/nisplusmigration. For a complete description of
the tools and scripts, what they do, and how to use them, see
Chapter 3, “Command and Tool Reference,” on page 39.

Table 1-4 NIS+ to LDAP Migration Tools

Tool                            Description
migrate_nisp_groups.pl          Migrates groups from the NIS+ server to LDIF.
migrate_nisp_hosts.pl           Migrates hosts from the NIS+ server to LDIF.
migrate_nisp_services.pl        Migrates services from the NIS+ server to LDIF.
migrate_nisp_netgroup.pl        Migrates netgroups from the NIS+ server to LDIF.
migrate_nisp_networks.pl        Migrates networks from the NIS+ server to LDIF.
migrate_nisp_rpc.pl             Migrates RPCs from the NIS+ server to LDIF.
migrate_all_nisplus_online.sh   Migrates NIS+ name service data into
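The migration scripts in Table 1-4 write LDIF. The Python below is an added sketch of that transformation for the group table and is not the migrate_nisp_groups.pl script from the migration package; the group rows and the base DN ou=Groups,dc=example,dc=com are constructed placeholders, and the attribute names follow the RFC 2307 posixGroup object class. It also base64-encodes any value LDIF cannot carry verbatim, a detail that matters when member names or group names contain non-ASCII or leading spaces.

```python
"""Convert NIS+ group table rows to LDIF posixGroup entries.

Added example in Python; it is NOT migrate_nisp_groups.pl from the
migration package, only a sketch of the transformation such a script
performs. Sample rows and the base DN are constructed placeholders.
"""
import base64

# Constructed sample in the group-table layout name:password:gid:members
SAMPLE_GROUP_ROWS = """\
# constructed sample rows
staff:*:10:alice,bob
dev:*:200:carol
ops::300:
broken:line:without:enough:fields
"""

BASE_DN = "ou=Groups,dc=example,dc=com"   # assumed placeholder base DN


def _ldif_attr(name, value):
    """Render one attribute line, switching to the '::' base64 form for
    values LDIF cannot carry verbatim (non-ASCII, embedded newline, or a
    leading space, colon or '<')."""
    safe = (value.isascii() and "\n" not in value
            and not value.startswith((" ", ":", "<")))
    if safe:
        return "%s: %s" % (name, value)
    return "%s:: %s" % (name, base64.b64encode(value.encode("utf-8")).decode("ascii"))


def parse_group_rows(text):
    """Yield (name, gid, [members]) from group-table rows; skip comments
    and rows that do not have exactly four fields with a numeric gid."""
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("#"):
            continue
        fields = raw.split(":")
        if len(fields) != 4 or not fields[2].isdigit():
            continue
        members = [m for m in fields[3].split(",") if m]
        yield fields[0], int(fields[2]), members


def group_to_ldif(name, gid, members, base_dn=BASE_DN):
    """Build one posixGroup entry (RFC 2307 attributes) as LDIF text."""
    lines = [
        _ldif_attr("dn", "cn=%s,%s" % (name, base_dn)),
        "objectClass: top",
        "objectClass: posixGroup",
        _ldif_attr("cn", name),
        "gidNumber: %d" % gid,
    ]
    lines += [_ldif_attr("memberUid", m) for m in members]
    return "\n".join(lines) + "\n"


def migrate_groups(text, base_dn=BASE_DN):
    """Return LDIF for every valid row, entries separated by blank lines."""
    return "\n".join(group_to_ldif(n, g, m, base_dn)
                     for n, g, m in parse_group_rows(text))


if __name__ == "__main__":
    print(migrate_groups(SAMPLE_GROUP_ROWS))
```

The resulting file is the kind of input ldapmodify (Table 1-3) accepts; review it before loading, since a malformed row is silently skipped here rather than loaded with a wrong gidNumber.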