forked from PADL/nss_ldap
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ANNOUNCE
125 lines (89 loc) · 4.4 KB
/
ANNOUNCE
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
ANNOUNCING NSS_LDAP
===================
1. What is nss_ldap?
--------------------
nss_ldap is a set of C library extensions which allows X.500 and LDAP
directory servers to be used as a primary source of aliases, ethers,
groups, hosts, networks, protocol, users, RPCs, services and shadow
passwords (instead of or in addition to using flat files or NIS).
nss_ldap nominally supports the following operating system libraries:
o the Nameservice Switch in Solaris 2.4 to 9
o the Nameservice Switch in HP-UX 11
o the Nameservice Switch in the GNU C Library 2.1 (as
in libc.so.6 under Linux)
o the Nameservice Switch in FreeBSD 5.x
o the Information Retrieval Service (IRS) in BIND
o the Information Retrieval Service (IRS) and proprietary
authentication and identity interface in AIX 4.3.3
nss_ldap is an implementation of the schema specified in RFC 2307
and is compatible with that used in PADL Software Pty Ltd's
NIS/LDAP gateway (ypldapd), and current versions of Solaris,
HP-UX and MacOS X.
2. What can it do for me?
-------------------------
nss_ldap lets you use LDAP servers, like Netscape's Directory Server,
to distribute users, hosts, groups and other like information throughout
an organization. Because LDAP is a hierarchical directory service,
you can distribute the information in a manner which reflects an
organizational structure. This contrasts with the flat, single domain
policy of NIS. LDAP has many of the advantages of NIS+ (security and
scalability) without the complexity.
nss_ldap will work alongside your existing NIS, NIS+, DNS and flat file
name services. More importantly, because it builds as a shared library,
you don't have to recompile any of your applications to take advantage
of LDAP. When used with a directory server under NT, it may be helpful
in synchronizing Unix and NT accounts.
3. What are its limitations?
----------------------------
Currently, some "maps" (like bootparams) are not supported. It's also
alpha software, so use it at your own risk. This should be considered
with respect to the fact the nss_ldap is loaded into the address space
of *every* process which uses the C library's resolver functions and
has LDAP in its search order. (This isn't entirely true under Solaris,
but the implications are similar.)
Finally, it only supports Linux and Solaris (and some versions of
BSD). You might want to look at ypldapd (see below) if you need to
support NIS clients.
4. How much does it cost?
-------------------------
It's free, and distributed under the GNU General Library Public
Licence (LGPL). Please read the file COPYING.LIB For more information.
5. Where do I get it?
---------------------
nss_ldap is available from:
<URL:http://www.padl.com/download/nss_ldap.tgz>
<URL:ftp://ftp.padl.com/pub/nss_ldap.tgz>
We have also made available some Perl scripts for populating LDAP
databases from existing flat files, NIS and/or NetInfo data.
<URL:http://www.padl.com/download/MigrationTools.tgz>
<URL:ftp://www.padl.com/pub/MigrationTools.tgz>
You'll need to compile a position-independent LDAP client library
(libldap). You can either get the entire LDAP package from the University
of Michigan (see below) and add "-fPIC" (if you're using gcc) to the
C compiler flags; download the Mozilla SDK from www.mozilla.org;
download the prebuilt Netscape LDAP SDK from developer.netscape.com;
or download OpenLDAP from www.openldap.org.
6. Where can I get more information?
------------------------------------
To discuss nss_ldap, ypldapd, and related technologies, you may subscribe
to the following mailing list:
<URL:mailto:[email protected]>
Send an electronic mail message with "subscribe" in the message body to
join the list.
To contact the developers, email:
<URL:mailto:[email protected]>
Note that PADL offer commercial support on a per-incident basis. The
[email protected] is for commercial support customers only.
For more information on using LDAP for name resolution, and related software,
see:
<URL:http://www.padl.com>
And if you need an LDAP server, or some general information on LDAP,
see:
<URL:http://www.openldap.org>
7. Who wrote it?
----------------
nss_ldap was written by PADL Software Pty Ltd <[email protected]>. Many
others have contributed, see the file AUTHORS in this directory.
Please read the following document before submitting any
contributions:
<URL:http://www.padl.com/Articles/GuidelinesforContributing.html>