Troubleshooting name service issues

When clients experience access failures due to name service issues, you can use the vserver services name-service getxxbyyy command family to manually perform various name service lookups and examine the details and results of the lookup to help with troubleshooting.

1. Perform one of the following actions:

   To retrieve the...	Use the command...
   IP address of a host name	vserver services name-service getxxbyyy getaddrinfo vserver services name-service getxxbyyy gethostbyname (IPv4 addresses only)
   Members of a group by group ID	vserver services name-service getxxbyyy getgrbygid
   Members of a group by group name	vserver services name-service getxxbyyy getgrbyname
   List of groups a user belongs to	vserver services name-service getxxbyyy getgrlist
   Host name of an IP address	vserver services name-service getxxbyyy getnameinfo vserver services name-service getxxbyyy gethostbyaddr (IPv4 addresses only)
   User information by user name	vserver services name-service getxxbyyy getpwbyname You can test name resolution of RBAC users by specifying the -use-rbac parameter as true .
   User information by user ID	vserver services name-service getxxbyyy getpwbyuid You can test name resolution of RBAC users by specifying the -use-rbac parameter as true .
   Netgroup membership of a client	vserver services name-service getxxbyyy netgrp
   Netgroup membership of a client using netgroup-by-host search	vserver services name-service getxxbyyy netgrpbyhost

   Example

   The following example shows a DNS lookup test for the SVM vs1 by attempting to obtain the IP address for the host acast1.eng.example.com:

   cluster1::*> vserver services name-service getxxbyyy getaddrinfo -vserver vs1 -hostname acast1.eng.example.com -address-family all -show-source true
   Source used for lookup: DNS
   Host name: acast1.eng.example.com
   Canonical Name: acast1.eng.example.com
   IPv4: 10.72.8.29
   

   The following example shows a NIS lookup test for the SVM vs1 by attempting to retrieve user information for a user with the UID 501768:

   cluster1::*> vserver services name-service getxxbyyy getpwbyuid -vserver vs1 -userID 501768 -show-source true
   Source used for lookup: NIS
   pw_name: jsmith
   pw_passwd: $1$y8rA4XX7$/DDOXAvc2PC/IsNFozfIN0
   pw_uid: 501768
   pw_gid: 501768
   pw_gecos:
   pw_dir: /home/jsmith
   pw_shell: /bin/bash
   

   The following example shows an LDAP lookup test for the SVM vs1 by attempting to retrieve user information for a user with the name ldap1:

   cluster1::*> vserver services name-service getxxbyyy getpwbyname -vserver vs1 -username ldap1 -use-rbac false -show-source true
   Source used for lookup: LDAP
   pw_name: ldap1
   pw_passwd: {crypt}JSPM6yc/ilIX6
   pw_uid: 10001
   pw_gid: 3333
   pw_gecos: ldap1 user
   pw_dir: /u/ldap1
   pw_shell: /bin/csh
   

   The following example shows a netgroup lookup test for the SVM vs1 by attempting to find out whether the client dnshost0 is a member of the netgroup lnetgroup136:

   cluster1::*> vserver services name-service getxxbyyy netgrp -vserver vs1 -netgroup lnetgroup136 -client dnshost0 -show-source true
   Source used for lookup: LDAP
   dnshost0 is a member of lnetgroup136
   
2. Analyze the results of the test you performed and take the necessary action.

   Example

   If the...	Check the...
   Host name or IP address lookup failed or yielded incorrect results	DNS configuration
   Lookup queried an incorrect source	Name service switch configuration
   User or group lookup failed or yielded incorrect results	Name service switch configuration Source configuration (local files, NIS domain, LDAP client) Network configuration (for example, LIFs and routes)
   Host name lookup failed or timed out, and the DNS server does not resolve DNS short names (for example, host1)	DNS configuration for top-level domain (TLD) queries You can disable TLD queries using the -is-tld-query-enabled false option to the vserver services name-service dns modify command.