[Freeipa-users] fixing port numbers associated with the NIS

Boris Epstein borepstein at gmail.com
Tue Nov 15 15:12:32 UTC 2011


On Tue, Nov 15, 2011 at 10:08 AM, Rich Megginson <rmeggins at redhat.com>wrote:

> **
> On 11/15/2011 07:44 AM, Boris Epstein wrote:
>
>
>
> On Mon, Nov 14, 2011 at 7:16 PM, Nalin Dahyabhai <nalin at redhat.com> wrote:
>
>>  On Mon, Nov 14, 2011 at 05:19:44PM -0500, Boris Epstein wrote:
>> >    Hello all,
>> >
>> >    I am using the FreeIPA to run NIS via a plugin. Works great - except
>> >    that the ypserv port numbers end up different after every reboot.
>> That
>> >    makes it hard to run it with the firewall activated.
>> >
>> >    Does anybody know how to make those port number assignments
>> permanent?
>>
>>  There's no tooling specifically for doing this, but the plugin supports
>> it.  In order to get it to use a fixed port, you'll need to edit the
>> directory server entry for "cn=NIS Server, cn=plugins, cn=config" and
>> add a "nsslapd-pluginarg0" value which contains the port number you'd
>> like it to use.
>>
>> You can do this either by stopping the directory server, editing its
>> dse.ldif file directly, and then restarting it, or by editing the entry
>> "live" using ldapmodify and then restarting the server.  The latter
>> method (I'm using port 541 here) looks something like this:
>>
>>  # ldapmodify -x -D "cn=Directory Manager" -W <<- EOF
>>  dn: cn=NIS Server,cn=plugins,cn=config
>>  changetype: modify
>>  replace: nsslapd-pluginarg0
>>  nsslapd-pluginarg0: 541
>>  -
>>
>>  EOF
>>  # ipactl restart
>>
>> You'll need to supply the Directory Manager password.  Once that's done,
>> running "rpcinfo -p" on the server should show that the NIS service is
>> listening on the desired port.
>>
>> HTH,
>>
>> Nalin
>>
>
> Nalin,
>
>  Thanks a lot for the tip. It definitely looks like this put me on the
> right path though I am not quite there yet.
>
>  Doing what you suggested did not quite work. For one thing, the right cn
> is "NIS", not "NIS Server". Another thing is, it does not look like the
> LDIF files in question have the nsslapd-pluginarg0 parameter - or are happy
> with it being added.
>
> You have to shutdown the directory server first
> service dirsrv stop
> or
> systemctl stop dirsrv.target
>

Rich,

I even went as far as rebooting the whole machine - even that did not seem
to make a difference.

Boris.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20111115/727a8bb8/attachment.htm>


More information about the Freeipa-users mailing list