Provided by: libnss-ldap_238-1.1ubuntu1_i386 bug

NAME

       libnss-ldap.conf - Configuration file for LDAP NSS library

DESCRIPTION

       This file provides configuration information for NSS LDAP library.

       Each  line  in the file is either a comment (indicated with a hash ’#’)
       or a directive followed  by  a  parameter.  Directives  which  are  not
       specified in the file are set to their default values.

PARAMETERS

       The  recognized  directives  are  as  follows:  host The LDAP directory
       server to direct all queries to. Must be resolvable without using LDAP.
       Can be a hostname or an IP address. If not specified the libraries will
       attempt to use DNS ’Resource Records’  (RR)  to  find  the  appropriate
       host.

       base   The  distinguished name of the search base. If this parameter is
              omitted it the defaultdomain is used in a fashion  specified  by
              RFC2247

              Commonly the elements of the domain

              name prefixed with ’dc=’. Example: dc=rage,dc=net. This value is
              required.

       uri    Another way to specify your LDAP server is  to  provide  an  uri
              with  the server name. This allows to use Unix Domain Sockets to
              connect to a local LDAP Server.

              uri ldap://127.0.0.1/
              uri ldaps://127.0.0.1/
              uri ldapi://%2fvar%2frun%2fldapi_sock/
              Note: %2f encodes the ’/’ used as directory separator

       ldap_version
              LDAP version to use. Valid values are 2 or 3.

       binddn The distinguished name to bind to the server  with.  If  omitted
              the library will bind anonymously.

       bindpw The  credentials  to bind with. This should only be specified in
              conjunction with binddn.

       rootbinddn
              The distinguished name  to  bind  to  the  server  with  if  the
              effective user ID is root.

              Password is stored in /etc/ldap.secret (mode 600)

       port   The TCP port to bind to the server with. Defaults to 389

       scope  The search scope. Should be one of ’one’, ’base’, or ’sub’.

       timelimit
              Timelimit for searches

       bind_timelimit
              Timelimit for binding to LDAP server.

       bind_policy
              Reconnect  policy:  hard  (default) will retry connecting to the
              software with exponential backoff, soft will fail immediately.

       The following parameters are NSS  specific.  They  modify  the  default
       behaviour of NSS library. All of these are optional.

       nss_base_XXX
              these  parameters  control  where  certain data is found. if you
              define a filter, it will be &’d with the default filter.

              example:  nss_base_XXX          base?scope?filter

              you can also omit the suffix, and base DN will  be  appended  to
              it. This may incur a small performance impact.

              example:  nss_base_passwd       ou=People,

              Valid parameters are:

              nss_base_passwd
              nss_base_shadow
              nss_base_group
              nss_base_hosts
              nss_base_services
              nss_base_networks
              nss_base_protocols
              nss_base_rpc
              nss_base_ethers
              nss_base_netmasks
              nss_base_bootparams
              nss_base_aliases
              nss_base_netgroup

FILES

       /etc/libnss-ldap.conf

AUTHOR

       Software by Luke Howard <lukeh@padl.com>
       Manual page created by Greg Retkowski <greg@rage.net>
       and updated by Sami Haahtinen <ressu@debian.org>

                                 14 April 2001             libnss-ldap.conf(1)