Subject: Re: LDAP NSS for NetBSD
To: Luke Mewburn <lukem@NetBSD.org>
From: Love <lha@stacken.kth.se>
List: tech-userlevel
Date: 02/22/2005 08:55:41
--=-=-=


Luke Mewburn <lukem@NetBSD.org> writes:

> On Sun, Feb 20, 2005 at 10:29:09PM +1100, Timshel Knoll-Miller wrote:
>   | Hi,
>   | 
>   | I'm not entirely sure that this is the right list - I'm fairly new to 
>   | NetBSD...
>   | 
>   | I'm thinking about writing a BSD licensed LDAP nss backend for NetBSD 
>   | -current's modular nsswitch.
>
> Sound's good; ldap is one of the services I'd like to see a clean
> module for.

I think something like nscd/winbind/lookupd is needed here. The overhead of
TLS connections is to much for the LDAP server, its hard to do TLS
connection reuse, there no where to save the session data.

Sorry for introducing requirements, but experience work showed using a
couple 100's clients with no tls caching made the ldap servers real
unhappy.

Love


--=-=-=
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (NetBSD)

iQIVAwUAQhrlfhZyDLTSep3UAQI9xw/7BC+w+tkZgCpS69e8HoYSNeqobi2ZWMr6
cV6LcVHptY6gDCa26c8PF5wU8BYzHTFu7DFFN6JHiOhbpzeTuUnAMmf+Q3paw51H
OY0RabLxr2wnfqUm5lPOvHzL/hOEe4hRmWOsxETrBzY5Isn/NIlKHPkVy3Vh0yzu
w5GSDC8q/VEbkgqhqlJuvgBtQjtBYyTGt8Ny+z9zNaLZEIZU+S2KsbbUJ0hM6MRi
MUntYpObIi+/CjT3EYFsjlLhMWFQEtcwo/1f46SLkXoBMTlGMMMkwGu4BSd3iu4T
hXOVIfoelgklcA1KyDHLaWpzyQDu7D+sjGxo3GXYqVjuKCYxlvbHFXoBFBMiIVVe
w/z4cf+mdpmzaUICjbWm7PvLdWnft2+2XZRyzuI96XssySgtMTBYcx46FQZOjPZh
anDFGXZLpHISlf66/veqPz1SF70tTv570Jd+WNsEulwZ6msR95YwnIBVeY6mFRoZ
oo46g8Zxst9/yavCJUZ/8GaoF1gT9LhByPbr+k4ybfPcaI+s+M36Ylxiaj2IxWNU
5NH0AtAfaECi/KAKwYXAQrWjXZm5qJWOPDISlxqe6JmzLPC/Zm7yOuL9aQWS6Wdy
c9RWljr1skLaAc6LrzwYp3Ah3qGfJ6PBtl6tDIj2Ip8YsWgoTdEciO3bLpH/wQlx
mf0ayXie930=
=xJ8f
-----END PGP SIGNATURE-----
--=-=-=--