NAME
ypldap.conf
—
LDAP YP map daemon configuration
file
DESCRIPTION
The ypldap(8) daemon provides YP maps using LDAP as a backend.
SECTIONS
The ypldap.conf
config file is divided
into three main sections.
- Macros
- User-defined variables may be defined and used later, simplifying the configuration file.
- Global Configuration
- Global settings for ypldap(8).
- Directories
- LDAP Directory specific parameters.
MACROS
Much like cpp(1) or
m4(1),
macros can be defined that will later be expanded in context. Macro names
must start with a letter, and may contain letters, digits, and underscores.
Macro names may not be reserved words (for example,
domain
). Macros are not expanded inside quotes.
For example:
fixed_gecos="Pulled from LDAP" fixed attribute gecos $fixed_gecos
GLOBAL CONFIGURATION
Global settings concern the main behaviour of the daemon.
- domain string
- Specify the name of the NIS domain
ypldap.conf
will provide. - interval seconds
- Specify the interval in seconds at which the whole directory will be pulled from LDAP.
- provide map string
- Specify a map that should be provided by
ypldap.conf
The currently implemented maps are: passwd.byname, passwd.byuid, group.byname, group.bygid.
DIRECTORIES
Directories are used to describe the LDAP schema and help
ypldap.conf
convert LDAP entries to
passwd(5),
master.passwd(5), and
group(5) lines. A directory declaration is of the following form:
directory "some.host" { # directives }
Valid directives for directories are:
attribute
namemaps to
string- Map the passwd(5), master.passwd(5), or group(5) attribute to the LDAP attribute name supplied.
basedn
string- Use the supplied search base as starting point for the directory search.
bindcred
string- Use the supplied credentials for simple authentication against the directory.
binddn
string- Use the supplied Distinguished Name to bind to the directory.
fixed attribute
attribute string- Do not retrieve the specified attribute from LDAP but instead set it unconditionally to the supplied value for every entry.
group filter
string- Use the supplied LDAP filter to retrieve group entries.
list
namemaps to
string- Map the passwd(5),
master.passwd(5), or
group(5) attribute to the LDAP attribute name supplied. A list
creates a comma separated list of all the LDAP attributes found.
Valid attributes are:
passwd filter
string- Use the supplied LDAP filter to retrieve password entries.
FILES
- /etc/ypldap.conf
- ypldap(8) configuration file.
SEE ALSO
HISTORY
The ypldap.conf
file format first appeared
in OpenBSD 4.4.