D.4. Adding nss_map_attribute statements to /etc/ldap.conf

D.4. Adding nss_map_attribute statements to /etc/ldap.conf
Prev	Appendix D. Manually Configuring Integration with Novell eDirectory	Next

D.4. Adding nss_map_attribute statements to `/etc/ldap.conf`

For NSS (looking up information about users and groups) to work well when fetching information from eDirectory, the following three lines should be in /etc/ldap.conf

nss_map_attribute uniqueMember member
nss_map_attribute uid cn
pam_password nds

The first two make sure that the Linux machine asks for the correct attributes, and more importantly, that when processing a request to find out which groups a user is member of, it doesn't have to lookup every DN found as a member to find out which uid it corresponds to. The last line makes sure changing passwords in eDirectory from Linux works. Use any PAM-enabled password-changing program in Linux to achieve this functionality.

Prev	Up	Next
D.3. Removing Attribute Mappings	Home	D.5. Creating a DN for search operations