tag:blogger.com,1999:blog-4619978964286106329.post6250147877634767213..comments2023-08-05T12:48:40.934-04:00Comments on Another I.T. blog: HOWTO : OpenLDAP NFS NetGroup Repository for AutoFSArsehttp://www.blogger.com/profile/04480469285928509022noreply@blogger.comBlogger8125tag:blogger.com,1999:blog-4619978964286106329.post-76765467728649808462014-04-18T18:44:03.835-04:002014-04-18T18:44:03.835-04:00Hello Brigitte,
Glad I could help :)
The only th...Hello Brigitte,<br /><br />Glad I could help :)<br /><br />The only thing I really don't like with this nisNetgroupTriple thing is that I can't just update it. The way the schema is built it forces us to completely erase the entire subdirectory and recreate it from scratch. If I was in your shoes, I'd simply write a script which would poll the OpenLDAP server, fetch the entire nisNetgroupTriple entries, delete them and then generate a new LDIF file which it would subsequently push into the OpenLDAP's DIT.<br /><br />But since I almost never had to do so, I didn't invest time and resources to write that script. I can't believe I'm the only one out there. Good luck in your endeavor!<br /><br />HTH,<br /><br />DA+Arsehttps://www.blogger.com/profile/04480469285928509022noreply@blogger.comtag:blogger.com,1999:blog-4619978964286106329.post-48736083880483435472014-04-18T16:38:44.164-04:002014-04-18T16:38:44.164-04:00After dozens of web-searches you've given me t...After dozens of web-searches you've given me the workaround to entering a new nisNetgroupTriple to an LDAP server I inherited - THANK YOU so much.<br /><br />However I'd like to fix it, i.e. modify the attribute schema, because we add users very frequently, but I can't work out the ldif format for removing the old SYNTAX and adding the new SYNTAX & EQUALITY. <br /><br />Any chance you could provide an example ldif for modifying the schema as you did new/replacement netgroup?<br /><br />Thanks again Dave<br /><br />BrigitteAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-4619978964286106329.post-784817053328016322013-05-05T07:44:46.312-04:002013-05-05T07:44:46.312-04:00Hello Mike,
I must admit I've never tried wit...Hello Mike,<br /><br />I must admit I've never tried with IP addresses. I prefer working with FQDNs. A quick search on this returned that it doesn't seem to work. I guess you'll have to try it out. If you do, then please let me know the outcome.<br /><br />Thanks,<br /><br />DA+Arsehttps://www.blogger.com/profile/04480469285928509022noreply@blogger.comtag:blogger.com,1999:blog-4619978964286106329.post-28849233683250660842013-05-05T06:42:23.162-04:002013-05-05T06:42:23.162-04:00Hello David,
Can the nisNetgroupTriple to be fill...Hello David,<br /><br />Can the nisNetgroupTriple to be filled by an IP address as following example?<br /><br />dn: cn=users,ou=netgroup,ou=services,dc=company,dc=com<br />objectClass: top<br />objectClass: nisNetgroup<br />cn: users<br />nisNetgroupTriple: (192.168.1.101,,)<br />nisNetgroupTriple: (192.168.1.102,,)<br />nisNetgroupTriple: (192.168.1.103,,)<br />description: All Oracle machines<br /><br />And define the NFS exports to allow only machines with 192.168.1.101, 192.168.1.102, 192.168.1.103 to connect to the NFS server?<br /><br />/exports/mnt @users(rw,sync)<br /><br /><br /><br /><br /><br /><br />Mikehttps://www.blogger.com/profile/15421365356367028251noreply@blogger.comtag:blogger.com,1999:blog-4619978964286106329.post-24684467969416639642013-04-26T10:27:16.680-04:002013-04-26T10:27:16.680-04:00Hello,
Are you trying this from the client or the...Hello,<br /><br />Are you trying this from the client or the server?<br />Is your netgroup properly configured in /etc/nsswitch.conf to fetch the info from ldap?<br />What is the slapd.log generated when you run getent netgroup dev?<br /><br />DA+Arsehttps://www.blogger.com/profile/04480469285928509022noreply@blogger.comtag:blogger.com,1999:blog-4619978964286106329.post-53942114883543965672013-04-26T05:47:58.234-04:002013-04-26T05:47:58.234-04:00Hi!
This is my netgroup.ldif file:
dn: ou=netgrou...Hi!<br />This is my netgroup.ldif file:<br /><br />dn: ou=netgroup,ou=services,dc=suri,dc=com<br />ou: netgroup<br />objectClass: top<br />objectClass: organizationalUnit<br />description: nfs netgroup<br /><br />dn: cn=oracle,ou=netgroup,ou=services,dc=suri,dc=com<br />objectClass: top<br />objectClass: nisNetgroup<br />cn: oracle<br />nisNetgroupTriple: (oracle.suri.com,,)<br />description: all oracle machines<br /><br />dn: cn=dev,ou=netgroup,ou=services,dc=suri,dc=com<br />objectClass: top<br />objectClass: nisNetgroup<br />cn: dev<br />nisNetgroupTriple: (bob.suri.com,,)<br />description: All development services<br /><br />After adding these when I try to use "getent netgroup dev" command it showing me nathing.<br />What is wrong with it.<br /><br />Thanks!!!<br />Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4619978964286106329.post-89971237950686711812012-11-02T16:33:30.073-04:002012-11-02T16:33:30.073-04:00Hello jbnewyorker,
I prefer the (client.company.c...Hello jbnewyorker,<br /><br />I prefer the (client.company.com,,) form, but that's just me as I've tried both versions and it works.<br /><br />I'm in vacation right now and so away from my setup. Ping me next week when I'll be back if I don't answer this question with more detail.<br /><br />DA+Arsehttps://www.blogger.com/profile/04480469285928509022noreply@blogger.comtag:blogger.com,1999:blog-4619978964286106329.post-42532932643318533862012-11-01T23:49:29.054-04:002012-11-01T23:49:29.054-04:00I can't seem to get it to mount setting the ni...I can't seem to get it to mount setting the nisNetgroupTriple to a host (client,,company.com) or (client.company.com,,). I can get it to work fine if I set the user (,test.user,) or (,test.user,company.com). Am I missing something?Joseph Bennetthttps://www.blogger.com/profile/01479641142166821052noreply@blogger.com