[Freeipa-users] fixing port numbers associated with the NIS
Rich Megginson
rmeggins at redhat.com
Tue Nov 15 15:08:05 UTC 2011
On 11/15/2011 07:44 AM, Boris Epstein wrote:
>
>
> On Mon, Nov 14, 2011 at 7:16 PM, Nalin Dahyabhai <nalin at redhat.com
> <mailto:nalin at redhat.com>> wrote:
>
> On Mon, Nov 14, 2011 at 05:19:44PM -0500, Boris Epstein wrote:
> > Hello all,
> >
> > I am using the FreeIPA to run NIS via a plugin. Works great -
> except
> > that the ypserv port numbers end up different after every
> reboot. That
> > makes it hard to run it with the firewall activated.
> >
> > Does anybody know how to make those port number assignments
> permanent?
>
> There's no tooling specifically for doing this, but the plugin
> supports
> it. In order to get it to use a fixed port, you'll need to edit the
> directory server entry for "cn=NIS Server, cn=plugins, cn=config" and
> add a "nsslapd-pluginarg0" value which contains the port number you'd
> like it to use.
>
> You can do this either by stopping the directory server, editing its
> dse.ldif file directly, and then restarting it, or by editing the
> entry
> "live" using ldapmodify and then restarting the server. The latter
> method (I'm using port 541 here) looks something like this:
>
> # ldapmodify -x -D "cn=Directory Manager" -W <<- EOF
> dn: cn=NIS Server,cn=plugins,cn=config
> changetype: modify
> replace: nsslapd-pluginarg0
> nsslapd-pluginarg0: 541
> -
>
> EOF
> # ipactl restart
>
> You'll need to supply the Directory Manager password. Once that's
> done,
> running "rpcinfo -p" on the server should show that the NIS service is
> listening on the desired port.
>
> HTH,
>
> Nalin
>
>
> Nalin,
>
> Thanks a lot for the tip. It definitely looks like this put me on the
> right path though I am not quite there yet.
>
> Doing what you suggested did not quite work. For one thing, the right
> cn is "NIS", not "NIS Server". Another thing is, it does not look like
> the LDIF files in question have the nsslapd-pluginarg0 parameter - or
> are happy with it being added.
You have to shutdown the directory server first
service dirsrv stop
or
systemctl stop dirsrv.target
>
> Do you happen to have a copy of your LDIF configuration file with the
> relevant configuration by any chance? That could come in handy.
>
> Cheers,
>
> Boris.
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20111115/855f9ed2/attachment.htm>
More information about the Freeipa-users
mailing list