The nisldap_manage tool
nisldap_manage is a tool for NIS (Network Information Service) and Samba
schema management on LDAP (Lightweight Directory Access Protocol) servers.
The tool has been coded in Perl.
It has been successfully used in small computer networks.
It may contain several bugs so I would not
recommend its use, especially in large networks, uneless you are able to
correct things on your LDAP server using LDIF and LDAP server tools.
Currently, the tool supports the managment of users, groups, hosts, netgroups, and aliases,
stored on an LDAP server. It supports only crypt passwords. I will try to
incorporate additional capabilities in the future.
The tool can be downloaded from:
Its use requires a Perl interpreter with the Tk toolkit, the Net::LDAP
and the Net::LDAPS modules installed. It can be used together with
PADL's nss_ldap, pam_ldap and MigrationTools. Information about these
tools can be found at:
You simply have to run the program and use it. Optionally, you can
build a configuration file named ".nisldap_manage" in your home directory
containing the settings of yours LDAP servers.
The configuration file has an XML-like syntax:
For informations about how to use LDAP with Samba, tools and an excellent HOWTO
can be found at:
The required parameters are:
Optional parameters are:
- Host : Hostname or IP address of the LDAP server
- Base : DN suffix for the queries
- UseSSL : Either 'yes' or 'no' for using or not using an SSL connection
- BindDN : DN for the ldap manager
- cafile : File that contains the keys used in the SSL
connection. It can be ommited if UseSSL is 'no'
An example entry of the .nisldap_manage file is the following:
- SambaSID : Samba SID. Set it if you want to use Samba schema. It
can be obtained from your Samba server by using the command 'net getlocalsid'
- USERS_OU: Table (organization unit) in which the users on
the LDAP server are stored. The default value is 'People'
- GROUPS_OU: Table in which user groups are stored. The default
value is 'Group'
- HOSTS_OU: Table in which unix hosts are stored. The default value
- SAMBA_HOSTS_OU: Table in which windows hosts are stored. The default
value is 'Machine'
- ALIASES_OU: Table in which mail aliases are stored. The default
value is 'Aliases'
- NETGROUPS_OU: Table in which NIS netgroups (groups of users/hosts)
are stored. The default value is 'Netgroup'
After you start the program, select the LDAP server and press the connect
button. If you like what you see, just play with the tool to learn how to
I also include the nisldap_export.pl script which can be used to generate a
Samba and NIS schema for your LDAP server.
Just run something like the following line:
./nisldap_export.pl --domain=yourdomainname --sid=your-samba-sid \
--smbdomain=SAMBADOMAIN > ldap_schema.ldif
Then import the ldap_schema.ldif on your LDAP server. Finally, run the nisldap_manage.pl program to
add users, groups and other NIS and Samba entities.
This tool is not the best solution for NIS schema management for several
reasons. Additional useful features could be added with no much effort:
- managment for automount and profile
- Kerberos schema
- managment of RPC, services, protocols, netinfo NIS records.
- support for non-crypt passwords
- search capabilities.