Boris Epstein wrote:
On Tue, Nov 15, 2011 at 10:08 AM, Rich Megginson <rmegg...@redhat.com
<mailto:rmegg...@redhat.com>> wrote:
__
On 11/15/2011 07:44 AM, Boris Epstein wrote:
On Mon, Nov 14, 2011 at 7:16 PM, Nalin Dahyabhai <na...@redhat.com
<mailto:na...@redhat.com>> wrote:
On Mon, Nov 14, 2011 at 05:19:44PM -0500, Boris Epstein wrote:
> Hello all,
>
> I am using the FreeIPA to run NIS via a plugin. Works
great - except
> that the ypserv port numbers end up different after every
reboot. That
> makes it hard to run it with the firewall activated.
>
> Does anybody know how to make those port number
assignments permanent?
There's no tooling specifically for doing this, but the plugin
supports
it. In order to get it to use a fixed port, you'll need to
edit the
directory server entry for "cn=NIS Server, cn=plugins,
cn=config" and
add a "nsslapd-pluginarg0" value which contains the port
number you'd
like it to use.
You can do this either by stopping the directory server,
editing its
dse.ldif file directly, and then restarting it, or by editing
the entry
"live" using ldapmodify and then restarting the server. The
latter
method (I'm using port 541 here) looks something like this:
# ldapmodify -x -D "cn=Directory Manager" -W <<- EOF
dn: cn=NIS Server,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginarg0
nsslapd-pluginarg0: 541
-
EOF
# ipactl restart
You'll need to supply the Directory Manager password. Once
that's done,
running "rpcinfo -p" on the server should show that the NIS
service is
listening on the desired port.
HTH,
Nalin
Nalin,
Thanks a lot for the tip. It definitely looks like this put me on
the right path though I am not quite there yet.
Doing what you suggested did not quite work. For one thing, the
right cn is "NIS", not "NIS Server". Another thing is, it does not
look like the LDIF files in question have the nsslapd-pluginarg0
parameter - or are happy with it being added.
You have to shutdown the directory server first
service dirsrv stop
or
systemctl stop dirsrv.target
Rich,
I even went as far as rebooting the whole machine - even that did not
seem to make a difference.
Boris.
Strange, it is NIS Server on my install too. Can you show the output of
your entry?
This worked for me:
# ldapmodify -x -D 'cn=directory manager' -w secretpassword
dn: cn=NIS Server,cn=plugins,cn=config
changetype: modify
add: nsslapd-pluginarg0
nsslapd-pluginarg0: 541
modifying entry "cn=NIS Server,cn=plugins,cn=config"
rob
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users