[Freeipa-users] fixing port numbers associated with the NIS

Rich Megginson rmeggins at redhat.com
Tue Nov 15 15:08:05 UTC 2011 

On 11/15/2011 07:44 AM, Boris Epstein wrote:
>
>
> On Mon, Nov 14, 2011 at 7:16 PM, Nalin Dahyabhai <nalin at redhat.com 
> <mailto:nalin at redhat.com>> wrote:
>
>     On Mon, Nov 14, 2011 at 05:19:44PM -0500, Boris Epstein wrote:
>     >    Hello all,
>     >
>     >    I am using the FreeIPA to run NIS via a plugin. Works great -
>     except
>     >    that the ypserv port numbers end up different after every
>     reboot. That
>     >    makes it hard to run it with the firewall activated.
>     >
>     >    Does anybody know how to make those port number assignments
>     permanent?
>
>     There's no tooling specifically for doing this, but the plugin
>     supports
>     it.  In order to get it to use a fixed port, you'll need to edit the
>     directory server entry for "cn=NIS Server, cn=plugins, cn=config" and
>     add a "nsslapd-pluginarg0" value which contains the port number you'd
>     like it to use.
>
>     You can do this either by stopping the directory server, editing its
>     dse.ldif file directly, and then restarting it, or by editing the
>     entry
>     "live" using ldapmodify and then restarting the server.  The latter
>     method (I'm using port 541 here) looks something like this:
>
>      # ldapmodify -x -D "cn=Directory Manager" -W <<- EOF
>      dn: cn=NIS Server,cn=plugins,cn=config
>      changetype: modify
>      replace: nsslapd-pluginarg0
>      nsslapd-pluginarg0: 541
>      -
>
>      EOF
>      # ipactl restart
>
>     You'll need to supply the Directory Manager password.  Once that's
>     done,
>     running "rpcinfo -p" on the server should show that the NIS service is
>     listening on the desired port.
>
>     HTH,
>
>     Nalin
>
>
> Nalin,
>
> Thanks a lot for the tip. It definitely looks like this put me on the 
> right path though I am not quite there yet.
>
> Doing what you suggested did not quite work. For one thing, the right 
> cn is "NIS", not "NIS Server". Another thing is, it does not look like 
> the LDIF files in question have the nsslapd-pluginarg0 parameter - or 
> are happy with it being added.
You have to shutdown the directory server first
service dirsrv stop
or
systemctl stop dirsrv.target
>
> Do you happen to have a copy of your LDIF configuration file with the 
> relevant configuration by any chance? That could come in handy.
>
> Cheers,
>
> Boris.
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20111115/855f9ed2/attachment.htm>

More information about the Freeipa-users mailing list