Browse Space
Overview
Network Information Service, short for NIS, is no longer supported. Yet, there are many large companies who are still using NIS as the major backbone of their identity information. Penrose allows NIS entries to be translated into LDAP entries in a real-time manner. This avoid the expensive ETL (extract, transform and load) operations to re-import/export NIS to LDAP.
Installing NIS Server and Client
Read more about LDAP Gateway vs NIS Gateway
Penrose provides a NIS adapter which can be used to expose NIS information as LDAP entries. The NIS adapter can access the NIS information in several ways:
- using YP client
- using Sun's NIS service provider for JNDI (experimental)
- local file (experimental)
Configuration
Make sure the NIS adapter is defined in the global partition (PENROSE_SERVER_HOME/conf/server.xml) or in the partition that uses the NIS functionality (PENROSE_SERVER_HOME/partitions/<partition>/DIR-INF/partition.xml).
<adapter name="NIS">
<adapter-class>org.safehaus.penrose.nis.adapter.NISAdapter</adapter-class>
</adapter>
The connection to NIS server should be defined in the PENROSE_SERVER_HOME/conf/connections.xml or PENROSE_SERVER_HOME/partitions/<partition>/DIR-INF/connections.xml.
With YP client the connection should be configured as follows:
<connection name="NIS">
<adapter-name>NIS</adapter-name>
<parameter>
<param-name>java.naming.provider.url</param-name>
<param-value>...</param-value>
</parameter>
<parameter>
<param-name>method</param-name>
<param-value>yp</param-value>
</parameter>
</connection>
With JNDI client the connection should be configured as follows:
<connection name="NIS">
<adapter-name>NIS</adapter-name>
<parameter>
<param-name>java.naming.factory.initial</param-name>
<param-value>com.sun.jndi.nis.NISCtxFactory</param-value>
</parameter>
<parameter>
<param-name>java.naming.provider.url</param-name>
<param-value>...</param-value>
</parameter>
<parameter>
<param-name>com.sun.jndi.nis.mailaliases</param-name>
<param-value>nonull</param-value>
</parameter>
<parameter>
<param-name>method</param-name>
<param-value>jndi</param-value>
</parameter>
</connection>
With local file the connection should be configured as follows:
<connection name="NIS">
<adapter-name>NIS</adapter-name>
<parameter>
<param-name>method</param-name>
<param-value>local</param-value>
</parameter>
</connection>
The NIS server hostname and domain name should be specified in the java.naming.provider.url in this form: nis://<hostname>/<domain>.
To expose the NIS maps as LDAP entries, they need to be mapped into some subtrees in the virtual DIT:
- NIS Aliases
- NIS Automounts
- NIS Boot Parameters
- NIS Ethers
- NIS Groups
- NIS Hosts
- NIS Netgroups
- NIS NetIDs
- NIS Networks
- NIS Protocols
- NIS RPCs
- NIS Services
- NIS Users
Example
A sample NIS partition is available at PENROSE_SERVER_HOME/samples/nis folder. Simply copy this folder into PENROSE_SERVER_HOME/partitions folder, then configure the connection to point to your NIS server.
NIS Synchronization
NIS Sync Agent
UIDs GIDs Conflict Resolution Module
Reference
Configuring NIS Client
(Penrose 2.0)
Configuring NIS Server
(Penrose 2.0)
Installing NIS Server and Client
(Penrose 2.0)
Merging Hosts, Ethers, and Boot Parameters
(Penrose 2.0)
NIS Aliases
(Penrose 2.0)
NIS Automounts
(Penrose 2.0)
NIS Boot Parameters
(Penrose 2.0)
NIS Ethers
(Penrose 2.0)
NIS Groups
(Penrose 2.0)
NIS Hosts
(Penrose 2.0)
NIS Netgroups
(Penrose 2.0)
NIS NetIDs
(Penrose 2.0)
NIS Networks
(Penrose 2.0)
NIS Protocols
(Penrose 2.0)
NIS RPCs
(Penrose 2.0)
NIS Services
(Penrose 2.0)
NIS Sync Agent
(Penrose 2.0)
NIS Synchronization
(Penrose 2.0)
NIS Users
(Penrose 2.0)
UIDs GIDs Conflict Resolution Module
(Penrose 2.0)