nsd_openldap(7) UNIX System V nsd_openldap(7)
NAME
nsd_openldap - OpenLDAP client for NSD
SYNOPSIS
/var/ns/lib/libns_openldap.so
DESCRIPTION
Lightweight Directory Access Protocol (LDAP) is a
specification for a client-server protocol to retrieve and
manage directory information. Originally intended as a
means for clients on lightweight workstations to access
X.500 directories, it can be used with any directory system
which follows the X.500 data model. The libns_ldap.so
shared library contains routines that use OpenLDAP to
contact a remote LDAP server daemon, fetch information, and
format it so that it is available to local name service
routines. This library is meant to be used with the nsd(1M)
name service daemon only.
The library /var/ns/lib/libns_openldap.so is opened by the
nsd(1M) daemon when openldap is listed as the protocol for
some map in an nsswitch.conf file. On first open, the library
initialization procedure parses the configuration file
/var/ns/nsd_openldap.conf to determine the list of servers
to contact, and the schemas for each table in the database.
It will then open OpenLDAP configuration files as specified
in /var/ns/nsd_openldap.conf.
The library contains code to fetch data from a remote LDAP
server and present it as lines from the configuration file
from which it came. The nsd daemon then presents that data
in the filesystem mounted under /ns.
This library differs from the ldap(7) nsd library in that it
uses OpenLDAP to connect with the LDAP server, and it has a
new syntax for its configuration file. OpenLDAP-specific
features may be enabled in the OpenLDAP configuration file
specified for a particular server.
Extended attributes in the nsswitch.conf file can be used to
control the behavior of the LDAP protocol. Extended
attributes are simply lists of key/value pairs attached to
each object in the nsd filesystem. The attributes supported
in this library are:
server
    The server is used to determine which remote LDAP
    server to contact for a request.
domain
    The domain is used to determine which remote LDAP
    server to contact for a request. This is similar to the
    server attribute, however, the domain can be inherited from
    the daemon depending on the nsswitch.conf file that is being
    read.
table
    The table attribute is typically inherited from the
    daemon based on the line on which this entry occurs in the
    nsswitch.conf file. In the above example the table
    attribute would be set to hosts.byname or hosts.byaddr
    depending on the context of the request. The table
    attribute determines which database schema and format are
    used. See the nsd_openldap.conf(4) man page for more
    information on schemas.
key
    The key is set by the nsd daemon for each request. The
    schema for the current table typically contains a rewriting
    rule for the key to make an appropriate request to the
    remote LDAP daemon.
FILES
/var/ns/nsd_openldap.conf
SEE ALSO
nsd(1M), ldap(3), nsd_openldap.conf(4), nsswitch.conf(4),
ldap.conf(5).
Page 2 (printed 5/15/05)