Hi all. I have been dinking with this a few minutes at a time since last week, and am having a problem, still. I have gone over my nis-plugin.ldif file and verified that nis-domain matches everywhere (at first it didn't), and that once the dirsrv successfully starts I can see with 'rpcinfo -p' that ypserv is bound to some port (it changes each time I reboot, but no biggie; I'm not running a firewall). I can check from a remote host (again with rpcinfo) and see the ypserv service is available. However, when I try to 'ypcat passwd', from a host that is configured to use the freeipa server as its NIS server, it doesn't return anything. If I further do something like: 'ypcat -h freeipakc01 -d someorg passwd', it eventually times out and says "No such map passwd.byname. Reason: Can't communicate with portmapper". "Aha," I think. A clue. Alas, I verified that the rpcbind service is still running. Both host.allow and host.deny are empty (thus allowing all connections). Rebooting doesn't help.
Here is my ldif I uploaded to setup the nis-plugin: dn: cn=NIS Server, cn=plugins, cn=config objectclass: top objectclass: nsSlapdPlugin objectclass: extensibleObject cn: NIS Server nsslapd-pluginpath: /usr/lib64/dirsrv/plugins/nisserver-plugin.so nsslapd-plugininitfunc: nis_plugin_init nsslapd-plugintype: object nsslapd-pluginenabled: on nsslapd-pluginid: nis-server nsslapd-pluginversion: 0.15 nsslapd-pluginvendor: redhat.com nsslapd-plugindescription: NIS Server Plugin nis-tcp-wrappers-name: nis-server dn: nis-domain=someorg+nis-map=passwd.byname, cn=NIS Server, cn=plugins, cn=config objectclass: top objectclass: extensibleObject nis-domain: someorg nis-map: passwd.byname nis-base: cn=users, dc=some-org, dc=org nis-secure: no dn: nis-domain=someorg+nis-map=passwd.byuid, cn=NIS Server, cn=plugins, cn=config objectclass: top objectclass: extensibleObject nis-domain: someorg nis-map: passwd.byuid nis-base: cn=users, dc=some-org, dc=org nis-secure: no dn: nis-domain=someorg+nis-map=group.byname, cn=NIS Server, cn=plugins, cn=config objectclass: top objectclass: extensibleObject nis-domain: someorg nis-map: group.byname nis-base: cn=groups, dc=some-org, dc=org nis-secure: no dn: nis-domain=someorg+nis-map=group.bygid, cn=NIS Server, cn=plugins, cn=config objectclass: top objectclass: extensibleObject nis-domain: someorg nis-map: group.bygid nis-base: cn=groups, dc=some-org, dc=org nis-secure: no dn: nis-domain=someorg+nis-map=group.upg, cn=NIS Server, cn=plugins, cn=config objectclass: top objectclass: extensibleObject nis-domain: someorg nis-map: group.upg nis-base: cn=users, dc=some-org, dc=org nis-filter: (objectclass=posixAccount) nis-key-format: %{uid} nis-value-format: %{uid}:*:%{gidNumber}:%{uid} nis-secure: no nis-disallowed-chars: :, dn: nis-domain=someorg+nis-map=netid.byname, cn=NIS Server, cn=plugins, cn=config objectclass: top objectclass: extensibleObject nis-domain: someorg nis-map: netid.byname nis-base: cn=users, dc=some-org, dc=org nis-secure: no Here's the output of rpcinfo: [r...@freeipa freeipa]# rpcinfo -p program vers proto port service 100000 4 tcp 111 portmapper 100000 3 tcp 111 portmapper 100000 2 tcp 111 portmapper 100000 4 udp 111 portmapper 100000 3 udp 111 portmapper 100000 2 udp 111 portmapper 100024 1 udp 45003 status 100024 1 tcp 54515 status 100004 2 tcp 710 ypserv 100004 2 udp 710 ypserv 100011 1 udp 875 rquotad 100011 2 udp 875 rquotad 100011 1 tcp 875 rquotad 100011 2 tcp 875 rquotad 100003 2 udp 2049 nfs 100003 3 udp 2049 nfs 100003 4 udp 2049 nfs 100021 1 udp 48842 nlockmgr 100021 3 udp 48842 nlockmgr 100021 4 udp 48842 nlockmgr 100021 1 tcp 57232 nlockmgr 100021 3 tcp 57232 nlockmgr 100021 4 tcp 57232 nlockmgr 100003 2 tcp 2049 nfs 100003 3 tcp 2049 nfs 100003 4 tcp 2049 nfs 100005 1 udp 38415 mountd 100005 1 tcp 44539 mountd 100005 2 udp 38415 mountd 100005 2 tcp 44539 mountd 100005 3 udp 38415 mountd 100005 3 tcp 44539 mountd Surely I am missing something obvious. Insight would be appreciated. Has anyone else gotten this to work? -- Brandon _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users