-   Linux - Server (
-   -   nss_ldap, openldap and openldap-server ... what is openldap for? (

chakkerz 08-13-2009 02:39 AM

nss_ldap, openldap and openldap-server ... what is openldap for?
Hello there

I'm trying to sort out our LDAP setup. I've gathered that:
nss_ldap provides the means for logging in using ldap.
openldap-server provides the service that nss_ldap connects to and does the authentication against.

So, what does openldap do? There are no binaries ... only libraries. So i'm guessing it is the shared components which still get used by nss_ldap ... though what else is there?

I have nss_ldap and openldap installed everywhere but what the later does ... is baffling me.

I've not done a lot of digging because ... well the rpm -qi stuff isn't helping and my staring at the configuration attempting to work out the voodoo that's making the replication work is frustrating me.

Any insight would be great...

nowonmai 08-13-2009 03:49 AM

That is not entirely accurate. nss_ldap provides a method for the system to access information such as group and user information. This is not the same as logging in. That function would be provided by pam_ldap, or at least the authenticaton aspect would.

openldap itself is a package which contains the libraries that allow services to access information in the LDAP database. It also contains binaries that allow one to administrate the LDAP. It contains the actual db engine (usually Sleepycat) and it contains base schemas and config files.

chakkerz 08-13-2009 07:16 PM

Yeah, that's what i thought. nss_ldap contains pam_ldap from the rpm -ql ... sorry i wasn't precise.

Thanks for the answer :)

All times are GMT -5. The time now is 10:37 PM.