Use an LDAP server for identity and authentication management.

This is nss-pam-ldapd which provides a Name Service Switch (NSS) module that allows your LDAP server to provide user account, group, host name, alias, netgroup, and basically any other information that you would normally get from /etc flat files or NIS. It also provides a Pluggable Authentication Module (PAM) to do authentication to an LDAP server.

This is implemented using thin NSS and PAM modules which delegate to a dedicated service (nslcd) that queries the LDAP server with persistent connections, authentication, attribute translation, etc.

The NSS module was originally a fork of nss_ldap with some structural design improvements. The most important features of nss-pam-ldapd are:

• light and simple NSS and PAM libraries
• avoid loading LDAP and SSL libraries in all programs
• separation between NSS, PAM and LDAP code
• fewer connections to the LDAP server
• better debugging possibilities
• better performance

See the documentation section for more details.

Latest news

• 2013-05-05: release 0.8.13 of nss-pam-ldapd
• 2013-04-05: release 0.9.0 of nss-pam-ldapd
• 2013-02-18: security advisory: CVE-2013-0288: file descriptor buffer overflow
• 2013-01-06: nss-pam-ldapd moving from Subversion to Git
• 2012-12-14: release 0.7.18 of nss-pam-ldapd

These pages contain no frames, blinking stuff, animated gifs or commercials, do not require javascript and are not optimised for any specific screen resolution or browser and should be valid XHTML 1.1 and contain valid CSS.