<html> <head> <meta content="text/html; charset=windows-1252" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> Ugh, I don't like Gnome's handling of copy-and-paste. slapi-nis-0.54-6.el7_2.x86_64 <div class="moz-cite-prefix">On 04/06/16 10:46, Daryl Fonseca-Holt wrote: </div> <blockquote cite="mid:57052F66.9070607@umanitoba.ca" type="cite"> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> Forgot to include environment specifics: CentOS Linux release 7.2.1511 (Core) ipa-server-4.2.0-15.0.1.el7.centos.6.x86_64 389-ds-base-1.3.4.0-26.el7_2.x86_64 389-ds-base-1.3.4.0-26.el7_2.x86_64 <div class="moz-cite-prefix">On 04/06/16 10:40, Daryl Fonseca-Holt wrote: </div> <blockquote cite="mid:57052DEC.2050800@umanitoba.ca" type="cite"> Due to legacy constraints the default protocol.bynumber and protocol.byname do not produce the alias feature we have: <blockquote> <pre>ypcat protocols.byname ip 0 IP 0 icmp 1 ICMP 1 igmp 2 IGMP 2 ggp 3 GGP 3 tcp 6 TCP 6 pup 12 PUP 12 udp 17 UDP 17 IPv6 41 ipv6 41 IPv6-Route 43 ipv6-route 43 IPv6-Frag 44 ipv6-frag 44 IPv6-ICMP 58 ipv6-icmp 58 IPv6-NoNxt 59 ipv6-nonxt 59 ypcat protocols.bynumber ip 0 IP icmp 1 ICMP igmp 2 IGMP ggp 3 GGP tcp 6 TCP pup 12 PUP udp 17 UDP IPv6 41 ipv6 IPv6-Route 43 ipv6-route IPv6-Frag 44 ipv6-frag IPv6-ICMP 58 ipv6-icmp IPv6-NoNxt 59 ipv6-nonxt ypmatch 0 protocols.bynumber ip 0 IP ypmatch ip protocols.byname ip 0 IP ypmatch IP protocols.byname ip 0 IP </pre> </blockquote> Notice the above legacy ypcat protcols.bynumber is not showing description Attribute in the third column, rather, it is the alias. ypmatch can find an entry in protocols.byname using the name or the alias. The document format-specifiers.txt says <blockquote> <pre> * nis-keys-format (required if nis-key-format is not set, multivalued) A format specifier which the plugin will use to convert the contents of the directory server entry into a set of keys for the NIS map. The resulting NIS map will include a key for each value to which the expression evaluates. This can be used to allow for an arbitrary number of NIS map entries to be created for a given directory server entry. The syntax of format specifiers is described in "format-specifiers.txt". </pre> </blockquote> It seemed like a %collect in nis-keys-format was just what I needed. Using this schema in /etc/dirsv/<instance>/99user.ldif I created directory entries that had both a name and an alias. <blockquote> <pre>dn: cn=schema objectClass: top objectClass: ldapSubentry objectClass: subschema cn: schema objectClasses: ( 1.3.6.1.4.1.35157.1.1.3 NAME 'umipProtocol' DESC 'User defined LDAP objectclass' SUP top STRUCTURAL MUST ( cn $ umipProtocolName $ umipProtocolNumber ) MAY ( description $ umipProtocolAlias ) X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.35157.1.1.1.13 NAME 'umipProtocolName' DESC 'IP protocol name - custom' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 EQUALITY caseExactIA5Match X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.35157.1.1.1.14 NAME 'umipProtocolNumber' DESC 'IP protocol number - custom' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 EQUALITY integerMatch X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.35157.1.1.1.15 NAME 'umipProtocolAlias' DESC 'IP protocol alias name' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 EQUALITY caseExactIA5Match X-ORIGIN 'user defined' ) </pre> </blockquote> With these NIS map LDIFs added <blockquote> <pre>dn: nis-domain=uofmt2+nis-map=protocols.byname,cn=NIS Server,cn=plugins,cn=config objectClass: extensibleObject objectClass: top nis-domain: uofmt2 nis-map: protocols.byname nis-base: ou=Protocols,ou=Unix,dc=uofmt2 nis-filter: (objectClass=umipProtocol) nis-keys-format: %{umipProtocolName}" nis-value-format: %{umipProtocolName} %{umipProtocolNumber} %{umipProtocolAlias} dn: nis-domain=uofmt2+nis-map=protocols.byname,cn=NIS Server,cn=plugins,cn=config objectClass: extensibleObject objectClass: top nis-domain: uofmt2 nis-map: protocols.byname nis-base: ou=Protocols,ou=Unix,dc=uofmt2 nis-filter: (objectClass=umipProtocol) nis-keys-format: %{umipProtocolName}" nis-value-format: %{umipProtocolName} %{umipProtocolNumber} %{umipProtocolAlias} </pre> </blockquote> ypcat produces the desired output. ypmatch doesn't work at all. <blockquote> <pre>ypmatch ip protocols.byname Can't match key ip in map protocols.byname. Reason: No such key in map ypmatch IP protocols.byname Can't match key IP in map protocols.byname. Reason: No such key in map </pre> </blockquote> For reference, here is the ypcat output of the two maps: <blockquote> <pre>ypcat protocols.byname IPv6-NoNxt 59 ipv6-nonxt IPv6-ICMP 58 ipv6-icmp IPv6-Frag 44 ipv6-frag IPv6-Route 43 ipv6-route IPv6 41 ipv6 udp 17 UDP pup 12 PUP tcp 6 TCP ggp 3 GGP igmp 2 IGMP icmp 1 ICMP ip 0 IP ypcat protocols.bynumber IPv6-NoNxt 59 ipv6-nonxt IPv6-ICMP 58 ipv6-icmp IPv6-Frag 44 ipv6-frag IPv6-Route 43 ipv6-route IPv6 41 ipv6 udp 17 UDP pup 12 PUP tcp 6 TCP ggp 3 GGP igmp 2 IGMP icmp 1 ICMP ip 0 IP </pre> </blockquote> Shouldn't the %collect cause to two NIS entries to be created for each directory entry? It seems to on the ypcat but I don't understand why the ypmatch would fail. Thanks, Daryl <pre class="moz-signature" cols="72">-- -- Daryl Fonseca-Holt IST/Technology Services/Unix Server Team University of Manitoba 204.480.1079 </pre> <fieldset class="mimeAttachmentHeader"></fieldset> </blockquote> <pre class="moz-signature" cols="72">-- -- Daryl Fonseca-Holt IST/Technology Services/Unix Server Team University of Manitoba 204.480.1079 </pre> <fieldset class="mimeAttachmentHeader"></fieldset> </blockquote> <pre class="moz-signature" cols="72">-- -- Daryl Fonseca-Holt IST/Technology Services/Unix Server Team University of Manitoba 204.480.1079 </pre> </body> </html>