[rhelv6-list] LDAP without the cruft

Collins, Kevin [Contractor Acquisition Program] KCollins at chevron.com
Fri Jul 19 04:16:35 UTC 2013 

Just as an FYI, the new model with nslcd makes for a much more resilient model when your LDAP server(s) have issues. In the prior model, if one LDAP server has an issue there is the potential for MANY processes to be directly impacted by timeouts. With the new model, only the nslcd process has to face the timeout... 

If you have ever had to deal with those problems you will definitely appreciate nslcd :)

Kevin

-----Original Message-----
From: rhelv6-list-bounces at redhat.com [mailto:rhelv6-list-bounces at redhat.com] On Behalf Of William Hopkins
Sent: Thursday, July 18, 2013 11:42 AM
To: Red Hat Enterprise Linux 6 (Santiago) discussion mailing-list
Subject: Re: [rhelv6-list] LDAP without the cruft

On 07/18/13 at 10:31am, Wes Hardin wrote:
> On 07/17/2013 09:48 PM, William Hopkins wrote:
> >On 07/18/13 at 12:28pm, Ian Mortimer wrote:
> >>On 18/07/13 11:44, William Hopkins wrote:
> >>
> >>>Do you have NSCLD running?
> >>Yes.
> >>
> >My intention is to authenticate using LDAP without running NSCLD. That was in
> >my original post. But thanks for the update.
> >
> Then you need to remove the nss-pam-ldapd package and compile your
> own NSS LDAP library using the PADL sources.
> 
> nss-pam-ldapd replaces the old libnss_ldap library with a
> lightweight NSS library and a daemon.  nslcd is the daemon that
> actually does the lookups. nscld is not cruft.  It's new, but it's
> not unnecessary.
> 

I see it is clearly now necessary, but that doesn't make it not cruft. There is
a decided direction in Linux engineering going towards more system daemons and
more layers of abstraction (D-BUS, GConf, Dconf, gsettings, consolekit,
network-manager, policykit, udisks, upower, etc. etc. etc.) I understand for
many of them they gain popularity because they make desktop maintenance easier,
but I resist their encroachment in the server world; philosophically they don't
line up with the UNIX/Linux mindset. Luckily, in the Linux world we are still
allowed to choose. Anyway, that's my little rant on that subject, thanks for
your help.

-- 
William

More information about the rhelv6-list mailing list