ldapclientd(1M)ldapclientd(1M)NAMEldapclientd - LDAP client daemon process
SYNOPSIS
Startup
level]
Control
level]
[cache] [cache] }
DESCRIPTION
is a daemon process that enables LDAP-UX. It enables LDAP-UX clients
to work with LDAP directory servers. caches entries, supports multiple
domains in the Windows 2000/2003/2003 R2 Active Directory Server (ADS),
supports X.500 group membership, maintains connections to the LDAP
Directory Server, and manages remote LP printers.
In addition to handling communication and maintaining the connection
between the LDAP-UX client and LDAP directory server, provides the fol‐
lowing:
· Services:
1. Enables LDAP-UX to use LDAP directory servers to support these
services:
(including dynamic groups)
Note: LDAP-UX does not support with the Microsoft Windows
2000/2003/2003 R2 Active Directory Server.
· Performance:
1. Caches entries to reduce LDAP-UX client response time retrieving:
(including dynamic groups)
Note: Since still caches and entries that did not come from the
directory server caches entries from directory servers), is still
useful to maintain high performance.
2. Reuses and maintains connections to the directory server, reduc‐
ing binding and disconnection which significantly reduces the
load on the server and network traffic.
· Capability:
1. Multiple domain Active Directory Server (ADS).
Enables LDAP-UX to use for directory servers like Windows
2000/2003/2003 R2 Active Directory Server (ADS). It allows
PAM_Kerberos to authenticate POSIX users stored in remote
domains.
2. Automatic profile downloading.
Updates the LDAP client configuration profile by downloading a
newer copy from the directory server as the current one's (Time
To Live) expires.
3. Management of remote LP printer configuration.
Searches printer objects configured in LDAP server. Accordingly,
add/modify/remove printers for the local system. By default, the
printer configurator is enabled.
By default, starts at system boot time.
The command can be used to launch the daemon or control it when the
daemon is already running.
Options
The following options are supported. These options can be used only by
a superuser.
cache Name of any NSS backend services that the daemon caches.
Valid cache names are:
Close all connections in the connection pool.
This option sends a signal to the currently running dae‐
mon, causing it to close all connections in the connection
pool.
Unused connections are closed immediately, while connec‐
tions currently in use will be marked for closure and
closed upon completion of their use.
-C is used to reset/clean up the used/saved connection
pool so connections to previous unavailable LDAP server
can quickly be established.
Not supported in this version.
Earlier versions (before B.02.00) used this to reread all
LDAP-UX client settings from just to force a refresh of
the LDAP-UX profile. Refreshing only the profile is now
done with the option. If rereading all LDAP-UX client
settings is necessary, kill using then restart
Set log level. Initializes log level during startup or sets the log
level of the running daemon process.
Accepted range of logging level is from 0 to 511.
no logging output
critical errors
key function hits
key areas
looping function hits
mutexes
JUDY caching
configuration file parsing
statistic functions
dumps
(dumps produce a large amount of logging which
significantly degrades the performance of
Example:
Default log level is set at 1.
Disable cache.
Without the cache name, all valid cache names are shown.
Enable cache.
Without the cache name, all valid cache names are shown.
Flush all caches.
Invoke help.
Kill the LDAP client daemon.
This option sends a signal to the currently running dae‐
mon, causing it to exit gracefully.
This option is equivalent to:
List available
cache names.
Set log output to a
target stream. Initializes log output during startup or
sets the log output of the running daemon process. target
can be one of the following:
Direct logging to the standard output.
Direct logging to
usage also depends on settings of LDAP-UX in
the configuration file, which must be enabled,
or will still ignore
Specify a file for log output; rotation will append a 1 or
0 to
this file name.
size defines the maximum file size before
rotation. If size if not specified, it
defaults to 1048576 bytes.
Example:
This will log output into until it is 50000 bytes, then
swap logging into then back to when is 50000 bytes, and so
on.
By default, log output goes to
Immediately refresh (download) all profiles currently listed in
the LDAP-UX client configuration file in if their current
TTL expires. checks TTL expiration status every minute.
With immediately checks TTL status and refresh all pro‐
files, if needed.
Show statistics for one cache.
When cache is not specified, a general cache statistic
summary is shown.
Disable daemonize (force
to run in the foreground instead of the background). Pre‐
vent the process to fork into a daemon process during
startup. Helpful for debugging.
DIAGNOSTICS
By default, errors are logged into if system log is enabled in the
LDAP-UX client configuration file at Errors occuring before forks into
a daemon process will be displayed directly to
The following diagnostics may be issued:
An attempt was made to start an LDAP client daemon when one was
already running.
Can mean several things:
1. Attempted to use control option features of when no daemon
process is running to control.
2. Attempted to start or control without superuser's privilege.
3. The daemon process is too busy with other requests to respond
at this time. Try again later.
The file is missing or has a syntax error. If it is syntax, the
error message is accompanied by a line showing exactly where
could not recognize the syntax or found that the setting is out
of range.
WARNINGS
Whenever the system is rebooted, launches if has in the configuration
file,
Downloading profiles may take time, depending on server response time
and the number of profiles listed in the LDAP-UX configuration file,
AUTHOR
was developed by Hewlett-Packard Company
FILES
Configuration
Configures caching, threading and boot options for
LDAP-UX client services configuration file.
Contains settings like logging and domains.
Automatically downloaded local copies of directory
profiles for each
domain listed in These files should not be
modified manually.
Operations
Lock file to restrict
ldapclientd to one running instance
Shared virtual memory used to quickly inform
clients that the
daemon is running and ready to service
client requests.
The daemon uses this pipe socket to recieve
client requests.
Authentication file restricting execution of
control options to the superuser.
startup and shutdown script during system reboot.
Client pipe sockets used to recieve responses from
the
daemon. Cleanup of this directory is left
to clients. It is safe to delete all files
left by dirty clients (and then the direc‐
tory) only when the daemon is not running.
While the daemon is running, it will
attempt to automatically clean up after
dirty clients periodically.
Other
The LDAP client configuration profile downloaded
from the LDAP directory,
in LDIF format.
The LDAP client configuration profile translated
from
in binary format.
LDAP-UX client setup tool to configure LDAP-UX
client services.
SEE ALSOrc(1M), syslog(3C), ldapclientd.conf(4), rc.con‐
fig(4), ldapux(5).
ldapclientd(1M)