LDAP2NIS

ldap2nis collects data from an LDAP server and writes to standard out maps appropriate for use with makedbm in the construction of tables for a traditional ypserv process. This way if you have old hosts or UNIX versions that don't support PAM you can export your LDAP data to a NIS server. A command like the following writes the group.bygid map.

ldap2nis -mapkey gidnumber -minkey gidnumber -minval 0 \
-objectclass posixgroup -host littleboy \
-basedn "o=Morrison Industries, c=US" \
-map "cn,userpassword,gidnumber,memberuid" | \
/usr/lib/yp/makedbm -i /etc/group -m littleboy \
-o morrison - group.bygid

This gets the attributes cn, userpassword, gidnumber, and memberuid (-map) from all objects with an objectclass of posixgroup (-objectclass) and writes a map file with a key of gidnumber (-mapkey). Records with a gidnumber (-minkey) less than 0 (-minval) are not written to the map. The makedbm command is usually used by the make file in /var/yp (or someplace equivalent) to build the NIS maps from the system flat files. makedbm wants a key, a tab, and the line corresponding line of the file, which is exactly what ldap2nis outputs. Fields in the map are colon delimited, and if an LDAP attribute is multi-valued (such as memberuid) it writes each value to the map field seperated by a comma, just as would be seen in a traditional /etc/group. If ldap2nis is unable to find a value for a specified attribute it outputs "!!" for that field. If the LDAP attribute is "userpassword" it removes everything up to and including the first closing curly brace "}".
Download ldap2nis.c

Compile the attached C file with a command like: gcc -llber -lldap -o ldap2nis ldap2nis.c