OpenBSD manual page server

Manual Page Search Parameters

YPLDAP.CONF(5) File Formats Manual YPLDAP.CONF(5)

ypldap.confLDAP YP map daemon configuration file

The ypldap(8) daemon provides YP maps using LDAP as a backend.

The ypldap.conf config file is divided into three main sections.

User-defined variables may be defined and used later, simplifying the configuration file.
Global settings for ypldap(8).
LDAP Directory specific parameters.

Much like cpp(1) or m4(1), macros can be defined that will later be expanded in context. Macro names must start with a letter, and may contain letters, digits, and underscores. Macro names may not be reserved words (for example, domain). Macros are not expanded inside quotes.

For example:

fixed_gecos="Pulled from LDAP"

fixed attribute gecos $fixed_gecos

Global settings concern the main behaviour of the daemon.

domain string
Specify the name of the NIS domain ypldap.conf will provide.
interval seconds
Specify the interval in seconds at which the whole directory will be pulled from LDAP.
provide map string
Specify a map that should be provided by ypldap.conf The currently implemented maps are: passwd.byname, passwd.byuid, group.byname, group.bygid.

Directories are used to describe the LDAP schema and help ypldap.conf convert LDAP entries to passwd(5), master.passwd(5), and group(5) lines. A directory declaration is of the following form:

directory "some.host" {
	# directives
}

Valid directives for directories are:

name maps to string
Map the passwd(5), master.passwd(5), or group(5) attribute to the LDAP attribute name supplied.
string
Use the supplied search base as starting point for the directory search.
string
Use the supplied credentials for simple authentication against the directory.
string
Use the supplied Distinguished Name to bind to the directory.
attribute string
Do not retrieve the specified attribute from LDAP but instead set it unconditionally to the supplied value for every entry.
string
Use the supplied LDAP filter to retrieve group entries.
name maps to string
Map the passwd(5), master.passwd(5), or group(5) attribute to the LDAP attribute name supplied. A list creates a comma separated list of all the LDAP attributes found.

Valid attributes are:

passwd filter string
Use the supplied LDAP filter to retrieve password entries.

/etc/ypldap.conf
ypldap(8) configuration file.

ypbind(8), ypldap(8), ypserv(8)

The ypldap.conf file format first appeared in OpenBSD 4.4.

July 7, 2011 OpenBSD-5.1