LDAP(7P)                                                              LDAP(7P)

NAME
     ldap - Lightweight Directory Access Protocol (Client)

SYNOPSIS
     /var/ns/lib/libns_ldap.so

DESCRIPTION
     Lightweight Directory Access Protocol (LDAP) is a specification for a
     client-server protocol to retrieve and manage directory information.
     Originally intended as a means for clients on lightweight workstations
     to access X.500 directories, it can be used with any directory system
     which follows the X.500 data model.

     The libns_ldap.so shared library contains routines to contact a remote
     LDAP server daemon, fetch information, and format it so that it is
     available to local name service routines. This library is meant to be
     used with the nsd(1M) name service daemon only.

     The library /var/ns/lib/libns_ldap.so is opened by the nsd(1M) daemon
     when ldap is listed as the protocol for some map in an nsswitch.conf
     file. On first open the library initialization procedure parses the
     configuration file /var/ns/ldap.conf to determine the list of servers
     to contact, and the schemas for each table in the database.

     The library contains code to fetch data from a remote LDAP server and
     present it as lines from the configuration file from which it came.
     The nsd daemon then presents that data in the filesystem mounted under
     /ns.

     Extended attributes in the nsswitch.conf file can be used to control
     the behavior of the LDAP protocol. Extended attributes are simply
     lists of key/value pairs attached to each object in the nsd
     filesystem. The attributes supported in this library are:

     domain
          The domain is used to determine which remote LDAP server to
          contact for a request. This attribute is typically inherited from
          the daemon depending on the nsswitch.conf file that is being
          read.

     table
          The table attribute is typically inherited from the daemon based
          on the line from which this entry occurs in the nsswitch.conf
          file. In the above example the table attribute would be set to
          hosts.byname or hosts.byaddr depending on the context of the
          request. The table attribute determines which database schema and
          format are used. See the ldap.conf(4) man page for more
          information on schemas.

     key
          The key is set by the nsd daemon for each request. The schema for
          the current table typically contains a rewriting rule for the key
          to make an appropriate request to the remote LDAP daemon.

     open_timeout
          The open_timeout attribute specifies the amount of time in
          seconds the client will wait for a bind or connect request to be
          returned from the server before giving up. The default is 5
          seconds.

     search_timeout
          The search_timeout attribute specifies the amount of time in
          seconds the client will wait for a search request to be returned
          from the server before giving up. The default is 10 seconds.

     error_timeout
          The error_timeout attribute specifies the amount of time in
          seconds a particular server will be taken off the round-robin
          queue after an error has occurred. The default is 5 seconds.

     max_requests
          The max_requests attribute specifies the number of referrals that
          will be followed for a given request. The default is 3.

SEE ALSO
     nsd(1M), nsswitch.conf(4), ldap.conf(4)

     IRIX Admin: Networking and Mail
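
The error_timeout and max_requests limits described above, modelled as an added example; this is not code from libns_ldap.so. ServerRing, resolve and DIRECTORY are hypothetical names, the sample data is constructed, and the behaviour when every server is off the queue is an assumption the page does not state.

```python
# Model of the error_timeout / max_requests limits; not libns_ldap.so code.
# ServerRing, resolve and DIRECTORY are hypothetical names.

class ServerRing:
    """Round-robin list; a server that errors is skipped for error_timeout seconds."""
    def __init__(self, servers, error_timeout=5):
        self.servers = list(servers)
        self.error_timeout = error_timeout
        self.retry_at = {}                 # server -> time it rejoins the rotation
        self.pos = 0

    def mark_error(self, server, now):
        self.retry_at[server] = now + self.error_timeout

    def next_server(self, now):
        for _ in range(len(self.servers)):
            server = self.servers[self.pos]
            self.pos = (self.pos + 1) % len(self.servers)
            if self.retry_at.get(server, 0) <= now:
                return server
        return None                        # assumption: no server is eligible yet

# Constructed sample data: ldap1 is absent (down), ldap2 refers to ldap3,
# and loop-a / loop-b refer to each other.
DIRECTORY = {
    "ldap2": {"alice": ("referral", "ldap3")},
    "ldap3": {"alice": ("entry", "uid=alice,ou=people,dc=example,dc=com")},
    "loop-a": {"alice": ("referral", "loop-b")},
    "loop-b": {"alice": ("referral", "loop-a")},
}

def resolve(key, ring, directory, now=0, max_requests=3):
    """Return (value, servers contacted), following at most max_requests referrals."""
    server, path, followed = ring.next_server(now), [], 0
    while server is not None:
        path.append(server)
        if server not in directory:        # models a failed bind/connect/search
            ring.mark_error(server, now)
            server = ring.next_server(now)
            continue
        kind, data = directory[server].get(key, ("entry", None))
        if kind == "entry":
            return data, path
        if followed == max_requests:       # referral budget spent: stop chasing
            raise RuntimeError("referral limit reached: " + " -> ".join(path))
        followed += 1
        server = data
    return None, path
```

The referral bound is what stops a misconfigured or hostile server from sending the client around a referral loop indefinitely.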