On 26.11.2013 16:27, slacker lnx wrote:
Hello,
I have a few ldap clients which were set up by my previous sys-admin.
1. In some of the servers I see that the configuration is done in
/etc/pam_ldap.conf, /etc/nslcd.conf and there is a nslcd process running on
the clients.
2. On other servers I find that there is only an /etc/ldap.conf and there
are no nslcd process running.
The configuration values in both the approaches are the same.
Are there two different ways to setup an ldap client. I would like to
understand both these approaches. In the second approach is there some
other process which does the ldap lookup?
Can someone share links to docs related to both the installation steps.
Thanks
Hi,
in the cases with /etc/pam_ldap.conf, /etc/libnss_ldap.conf,
/etc/ldap.conf and the like, with no daemon running, the system is very
likely using PADL's nss_ldap [1] and pam_ldap [2] libs. In case of
/etc/nslcd.conf and a running daemon, it's using nss-pam-ldapd [3]
which, as you'll read on the website, started out as a fork of nss_ldap.
In your first case, they probably switched from pam_/nss_ldap to nslcd
and didn't clean up the old config. Possibly because pam_/nss_ldap made
problems [4].
Another option would be sssd [5]. Dunno if there are more for Linux.