If you are using /etc/ethers then you can move it into your LDAP. First take a look at your /etc/ethers:
# cat /etc/ethers
00:1B:21:02:96:56 192.168.1.70
00:30:05:c5:2a:ba 192.168.1.73
98:FC:11:79:37:76 192.168.1.69
Now create an LDIF file that contains the above information (entries must be separated by a blank line):
# vi ethers.ldif
dn: ou=ethers,dc=example,dc=com
ou: ethers
objectClass: top
objectClass: organizationalUnit

dn: cn=192.168.1.70,ou=ethers,dc=example,dc=com
cn: 192.168.1.70
macAddress: 00:1B:21:02:96:56
objectClass: ieee802Device
objectClass: device
objectClass: top
description: Blog Server

dn: cn=192.168.1.73,ou=ethers,dc=example,dc=com
cn: 192.168.1.73
macAddress: 00:30:05:c5:2a:ba
objectClass: ieee802Device
objectClass: device
objectClass: top
description: Domain Controller

dn: cn=192.168.1.69,ou=ethers,dc=example,dc=com
cn: 192.168.1.69
macAddress: 98:FC:11:79:37:76
objectClass: ieee802Device
objectClass: device
objectClass: top
description: WLAN Router
Now add it to your LDAP server:
# ldapadd -x -W -D 'cn=ldapadmin,dc=example,dc=com' -f ethers.ldif
Enter LDAP Password:
adding new entry "ou=ethers,dc=example,dc=com"
adding new entry "cn=192.168.1.70,ou=ethers,dc=example,dc=com"
adding new entry "cn=192.168.1.73,ou=ethers,dc=example,dc=com"
adding new entry "cn=192.168.1.69,ou=ethers,dc=example,dc=com"
Next modify your ldap.conf so it can find your LDAP entries:
# vi /etc/ldap.conf
...
nss_base_ethers ou=ethers,dc=example,dc=com?one
...
Then configure /etc/nsswitch.conf and allow your system to look for ethernet addresses in your LDAP:
# vi /etc/nsswitch.conf
...
ethers: files ldap
...
Finally move the original /etc/ethers to another location and test a query against your LDAP:
# mv /etc/ethers /etc/ethers.bak
# getent ethers 00:1B:21:02:96:56
0:1b:21:2:96:56 192.168.1.70
# getent ethers 192.168.1.73
0:30:5:c5:2a:ba 192.168.1.73
It will show you the ethernet address and IP for your query. Note that getent prints the address in lowercase and without leading zeros.
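For a longer /etc/ethers the LDIF can be generated instead of typed by hand. The following is an added example, not part of the original post: ethers_to_ldif is a hypothetical helper name, it omits the description attribute (which /etc/ethers does not carry), and it rejects any line whose MAC or host field is malformed so that characters such as "," or "=" cannot end up inside a DN.

```shell
#!/bin/sh
# Added example (not from the original post): turn ethers(5) lines on stdin
# into LDIF on stdout. ethers_to_ldif is a hypothetical helper name.
# $1 is the base DN, e.g. dc=example,dc=com. Returns non-zero if a line was rejected.
ethers_to_ldif() {
    awk -v base="$1" '
    BEGIN {
        # Container entry, same as in the hand-written LDIF.
        printf "dn: ou=ethers,%s\nou: ethers\n", base
        print "objectClass: top"
        print "objectClass: organizationalUnit"
    }
    /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
    {
        # MAC: exactly six colon-separated groups of one or two hex digits.
        n = split($1, p, ":")
        ok = (n == 6)
        for (i = 1; i <= n; i++)
            if (p[i] !~ /^[0-9A-Fa-f][0-9A-Fa-f]?$/) ok = 0
        # Host/IP: hostname characters only, since the value is placed in the DN.
        if ($2 !~ /^[A-Za-z0-9][A-Za-z0-9.-]*$/) ok = 0
        if (!ok) {
            printf "line %d rejected: %s\n", NR, $0 | "cat 1>&2"
            bad = 1
            next
        }
        # A blank line separates LDIF entries.
        printf "\ndn: cn=%s,ou=ethers,%s\ncn: %s\nmacAddress: %s\n", $2, base, $2, $1
        print "objectClass: ieee802Device"
        print "objectClass: device"
        print "objectClass: top"
    }
    END { exit bad }
    '
}

# Sample run with two of the entries shown above.
ethers_to_ldif 'dc=example,dc=com' <<'EOF'
00:1B:21:02:96:56 192.168.1.70
00:30:05:c5:2a:ba 192.168.1.73
EOF
```

On a real system, feed it /etc/ethers and write the output to ethers.ldif only if the function returns 0.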