Provided by:
libnss-ldap_238-1.1ubuntu1_i386 
NAME
libnss-ldap.conf - Configuration file for LDAP NSS library
DESCRIPTION
This file provides configuration information for NSS LDAP library.
Each line in the file is either a comment (indicated with a hash ’#’)
or a directive followed by a parameter. Directives which are not
specified in the file are set to their default values.
PARAMETERS
The recognized directives are as follows: host The LDAP directory
server to direct all queries to. Must be resolvable without using LDAP.
Can be a hostname or an IP address. If not specified the libraries will
attempt to use DNS ’Resource Records’ (RR) to find the appropriate
host.
base The distinguished name of the search base. If this parameter is
omitted it the defaultdomain is used in a fashion specified by
RFC2247
Commonly the elements of the domain
name prefixed with ’dc=’. Example: dc=rage,dc=net. This value is
required.
uri Another way to specify your LDAP server is to provide an uri
with the server name. This allows to use Unix Domain Sockets to
connect to a local LDAP Server.
uri ldap://127.0.0.1/
uri ldaps://127.0.0.1/
uri ldapi://%2fvar%2frun%2fldapi_sock/
Note: %2f encodes the ’/’ used as directory separator
ldap_version
LDAP version to use. Valid values are 2 or 3.
binddn The distinguished name to bind to the server with. If omitted
the library will bind anonymously.
bindpw The credentials to bind with. This should only be specified in
conjunction with binddn.
rootbinddn
The distinguished name to bind to the server with if the
effective user ID is root.
Password is stored in /etc/ldap.secret (mode 600)
port The TCP port to bind to the server with. Defaults to 389
scope The search scope. Should be one of ’one’, ’base’, or ’sub’.
timelimit
Timelimit for searches
bind_timelimit
Timelimit for binding to LDAP server.
bind_policy
Reconnect policy: hard (default) will retry connecting to the
software with exponential backoff, soft will fail immediately.
The following parameters are NSS specific. They modify the default
behaviour of NSS library. All of these are optional.
nss_base_XXX
these parameters control where certain data is found. if you
define a filter, it will be &’d with the default filter.
example: nss_base_XXX base?scope?filter
you can also omit the suffix, and base DN will be appended to
it. This may incur a small performance impact.
example: nss_base_passwd ou=People,
Valid parameters are:
nss_base_passwd
nss_base_shadow
nss_base_group
nss_base_hosts
nss_base_services
nss_base_networks
nss_base_protocols
nss_base_rpc
nss_base_ethers
nss_base_netmasks
nss_base_bootparams
nss_base_aliases
nss_base_netgroup
FILES
/etc/libnss-ldap.conf
AUTHOR
Software by Luke Howard <lukeh@padl.com>
Manual page created by Greg Retkowski <greg@rage.net>
and updated by Sami Haahtinen <ressu@debian.org>
14 April 2001 libnss-ldap.conf(1)