nss_ldap 248 review
Download
|
|
nss_ldap is an RFC 2307-compliant set of C library extensions.
The resolution of the entities defined in RFC 2307 is generally performed by a set of UNIX C library calls (such as getpwnam() to return the attributes of a user).
The nss_ldap module provides the means for Solaris and Linux workstations to this information (such as users, hosts, and groups) from LDAP directories.
The module is the reference implementation of RFC 2307, and has been studied by vendors such as Sun (who developed the original Name Service Switch interface).
Here are some key features of "nss ldap":
Support for the RFC 2307/RFC 2307bis (including netgroups) as well as user-defined schema
Common implementation across platforms
Support for Kerberos and SSL authentication, integrity and privacy
Configuration file compatibility with pam_ldap
Bootstraps from the DNS using SRV records
Support for AIX, glibc, IRS and ONC+ name service switches
Support for RFC 2307bis groups (including nested groups)
Specific Active Directory support including incremental retrieval of multi-valued attributes
Directory-based authentication for platforms that lack PAM (AIX 4.3.3)
Requirements:
AIX 4.3.3 and above
FreeBSD 5.1
HP-UX 11i
Linux
Solaris 2.6 and above
In addition, nss_ldap requires an LDAP client library, and (optionally) a SASL library compatible with the Cyrus SASL API.
What's New in This Release:
RFC2307bis and paged results support are compiled in by default.
New (tunable) server reconnection logic was added.
Support for automounts on Solaris was added.
AIX support was improved.
Active Directory performance was improved.
A manual page was added.
Various bugfixes were made.
nss_ldap 248 keywords