LDAP(7P) LDAP(7P)
ldap - Lightweight Directory Access Protocol (Client)
/var/ns/lib/libns_ldap.so
Lightweight Directory Access Protocol (LDAP) is a specification for a
client-server protocol to retrieve and manage directory information.
Originally intended as a means for clients on lightweight workstations to
access X.500 directories, it can be used with any directory system which
follows the X.500 data model. The libns_ldap.so shared library contains
routines to contact a remote LDAP server daemon, fetch information, and
format it so that it is available to local name service routines. This
library is meant to be used with the nsd(1M) name service daemon only.
The library /var/ns/lib/libns_ldap.so is opened by the nsd(1M) daemon
when ldap is listed as the protocol for some map in an nsswitch.conf file.
On first open the library initialization procedure parses the
configuration file /var/ns/ldap.conf to determine the list of servers to
contact, and the schemas for each table in the database.
The library contains code to fetch data from a remote LDAP server and
present it as lines from the configuration file from which it came. The
nsd daemon then presents that data in the filesystem mounted under /ns.
Extended attributes in the nsswitch.conf file can be used to control the
behavior of the LDAP protocol. Extended attributes are simply lists of
key/value pairs attached to each object in the nsd filesystem. The
attributes supported in this library are:
domain
The domain is used to determine which remote LDAP server to contact
for a request. This attribute is typically inherited from the
daemon depending on the nsswitch.conf file that is being read.
table
The table attribute is typically inherited from the daemon based on
the line from which this entry occurs in the nsswitch.conf file. In
the above example the table attribute would be set to hosts.byname
or hosts.byaddr depending on the context of the request. The table
attribute determines which database schema and format are used. See
the ldap-ns.conf(4) man page for more information on schemas.
key
The key is set by the nsd daemon for each request. The schema for
the current table typically contains a rewriting rule for the key to
make an appropriate request to the remote LDAP daemon.
open_timeout
The open_timeout attribute specifies the amount of time in seconds
the client will wait for a bind or connect request to be returned
from the server before giving up. The default is 2 seconds.
search_timeout
The search_timeout attribute specifies the amount of time in seconds
the client will wait for a search request to be returned from the
server before giving up. The default is 2 seconds.
error_timeout
The error_timeout attribute specifies the amount of time in seconds
a particular server will be taken off the round-robin queue after
an error has occurred. The default is 5 seconds.
max_requests
The max_requests attribute specifies the number of referrals that
will be followed for a given request. The default is 3.
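
The following Python model is an added illustration, not code from libns_ldap.so. It shows how error_timeout and max_requests bound a lookup: a failed server is skipped until its hold-down expires, and a referral chain or loop is abandoned once the cap is reached. The names ServerPool, pick, mark_error and resolve are hypothetical, the server names and referral maps are constructed, and the exact expiry and counting rules are assumptions.

```python
# Defaults taken from the attribute list above.
ERROR_TIMEOUT = 5   # seconds a failed server stays out of the rotation
MAX_REQUESTS = 3    # referrals followed for one request


class ServerPool:
    """Illustrative round-robin selection with an error hold-down."""

    def __init__(self, servers, error_timeout=ERROR_TIMEOUT):
        self.servers = list(servers)
        self.error_timeout = error_timeout
        self.held_until = {}      # server -> time at which it is usable again
        self.next_index = 0

    def mark_error(self, server, now):
        # Assumption: the hold-down starts when the error is observed.
        self.held_until[server] = now + self.error_timeout

    def pick(self, now):
        """Return the next usable server, or None if all are held down."""
        for offset in range(len(self.servers)):
            i = (self.next_index + offset) % len(self.servers)
            server = self.servers[i]
            if self.held_until.get(server, 0) <= now:
                self.next_index = (i + 1) % len(self.servers)
                return server
        return None               # every server failed within error_timeout


def resolve(start, referrals, max_requests=MAX_REQUESTS):
    """Follow referrals from `start`, giving up at the max_requests cap.

    `referrals` maps a server to the server it refers the client to.
    Returns (final_server, followed); final_server is None when the cap
    stops the chase, as happens with a referral loop.
    """
    server, followed = start, 0
    while server in referrals:
        if followed == max_requests:
            return None, followed
        server = referrals[server]
        followed += 1
    return server, followed
```

With two configured servers that both fail inside the same error_timeout window, pick() returns None until the earlier hold-down expires, which is the interval during which lookups through this protocol cannot be answered.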
nsd(1M), nsswitch.conf(4), ldap.conf(4)
IRIX Admin: Networking and Mail