Next: , Previous: , Up: modules   [Contents][Index]

6.6 ldap

The ldap module provides interface to the Lightweight Directory Access Protocol. The configuration is similar to that of SQL modules:

LDAP parameters may be configured either globally, when loading the module, or locally, when defining a smap database. If the database definition lacks some configuration statements, it looks them up in a global definition.

Each database has a filter template and up to three smap reply templates. When dispatched a sockmap query, the database expands the filter template using the actual values of ‘${map}’ (the map name) and ‘${key}’ (the key value) and uses the obtained filter to query the LDAP server. If the server responds with a non-empty set of tuples, the positive reply template is expanded and the result is used as a response. Otherwise, if the query produced an empty set, the smap database uses the negative reply template to create the response.

The module gets its configuration from the file /etc/ldap.conf and from module and database command line. The settings from the command line override those from /etc/ldap.conf. Alternative configuration file can be specified using the config-file option. The subsections that follow discuss the keywords meaningful for the ldap module. Unless explicitly stated otherwise, these can be used in the command line as well as in the configuration file. For compatibility with other LDAP software, keywords in the configuration file are case-insensitive. Unrecognized keywords appearing in the configuration file are silently ignored. You can use the ‘ldap.2’ debug level to get a listing of those. This can be useful to trace possible typos.

Unrecognized keywords appearing in the command line are treated as errors, as usual.

The only keyword that can be used only in the command line is config-file:


Read configuration from file file instead of /etc/ldap.conf.

Next: , Previous: , Up: modules   [Contents][Index]