rfc2307bis

nis rfc2307 is obsolete, this README will help you to replace it by the new rfc2307bis.ldif

1 - Install openldap and utils

sudo apt install slapd ldap-utils

2 - Download rfc2307bis.ldif

sudo wget https://github.com/palw3ey/rfc2307bis/releases/download/latest/rfc2307bis.ldif -O /etc/ldap/schema/rfc2307bis.ldif

3 - Edit slapd.init.ldif to replace rfc2307

sudo vi /usr/share/slapd/slapd.init.ldif

find this line :

include: file:///etc/ldap/schema/nis.ldif

append a # at the beginning of the line, to make it as a comment.
And just below this commented line, add :

include: file:///etc/ldap/schema/rfc2307bis.ldif

4 - Start the configuration of OpenLDAP

sudo dpkg-reconfigure slapd

5 - Verify that rfc2307bis is enabled

sudo ldapsearch -LLL -Y external -H ldapi:/// -b cn=schema,cn=config -s one dn

If everything is OK, then you should see this line in the output :

dn: cn={2}rfc2307bis,cn=schema,cn=config

6 - memberof overlay (optional)

Enable memberof overlay : To automatically add (or remove) a "memberof" attribute to the user entry, when the user is added (or removed) to a groupofnames.

Check if memberof is already enabled :

sudo slapcat -n 0 | grep "olcModuleLoad.*memberof"

Otherwise load memberof module :

sudo ldapmodify -Y EXTERNAL -H ldapi:/// <<!
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: memberof.la
!

Check if memberof overlay is already enabled :

sudo slapcat -n 0 | grep "olcOverlay.*memberof"

Otherwise apply overlay :

sudo ldapmodify -a -Y EXTERNAL -H ldapi:/// <<!
dn: olcOverlay=memberof,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcMemberOf
olcOverlay: memberof
olcMemberOfRefint: TRUE
!