| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
This tries to make it a little clearer how expressions in the map
statement may be used.
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
This supports both `uri DNSLDAPS` and `uri DNSLDAPS:some.domain`
variants alongside the pre-existing `uri DNS` that was already supported
generating ldaps URIs for all SRV records found.
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows putting `base ""` in nslcd.conf to specify an empty search
base.
Note that the LDAP server needs to support this. With slapd this
requires setting up an olcDefaultSearchBase attribute in the
olcFrontendConfig object under cn=config or have the database have an
empty suffix.
Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/50
|
|
|
|
| |
This option is passed to the LDAP library if it is supported.
|
|
|
|
| |
This option is passed to the LDAP library if it is supported.
|
|
|
|
|
|
| |
This option is passed to the LDAP library if it is supported.
Closes https://github.com/arthurdejong/nss-pam-ldapd/pull/41
|
|
|
|
|
|
|
| |
Thanks Benedict Reuschling for pointing this out.
Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/39
Fixes b93838d
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
This adds a domain variable (if it can be determined on the system) that
can be used in pam_authz_search and pam_authc_search filters to build
search filters that search on the domain name (the FQDN without the
starting host name).
Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/8
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
This allows supplying multiple arguments to getent.ldap that will each
act as a search key for lookups, similar to what normal getent allows.
|
| |
|
|
|
|
|
|
|
|
|
| |
This ensures that getent.ldap, chsh.ldap and manual pages with ldap in
the name will be installed with the name as specified with
--with-module-name.
Note that the manual page content still describes the working within
nss-pam-ldapd and still mention the ldap name.
|
| |
|
| |
|
|
|
|
| |
This option allows completely disabling ppolicy handling.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If this option is present, functions which cause all user/group entries
to be loaded (getpwent(), getgrent()) from the directory will not
succeed in doing so. This can dramatically reduce ldap server load in
situations where there are a great number of users and/or groups.
Applications that depend on being able to sequentially read all users
and/or groups may fail to operate correctly. This option is not
recommended for most configurations.
|
|
|
|
|
|
|
| |
This option allows skipping group member list retrieval to improve
performance with very large groups. This option results in inconsistent
group membership information being presented that may confuse some
applications.
|
| |
|
|
|
|
|
|
|
| |
Update nslcd.conf man page that multiple URIs can be set by using more
uri lines or more URIs defined on one uri line.
https://bugzilla.redhat.com/show_bug.cgi?id=1204195
|
|
|
| |
See http://lists.arthurdejong.org/nss-pam-ldapd-users/2014/msg00166.html
|
| |
|
|
|
|
|
| |
This includes a number of minor changes to the documentation. This also
documents the children search scope (related to 2caeef4).
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
This also reworks the manual page generation check in the configure
script and avoids build errors if no tool for generating manual pages is
present when working on a Git checkout.
|
| |
|
| |
|
|
|
|
|
| |
This replaces e0491d2 to run xmlto from the man directory. This handles
the case more gracefully if xmlto is not available.
|
|
|
|
|
|
| |
This implements and documents handling of the SIGUSR1 signal in nslcd to
reset the reconnect_sleeptime and reconnect_retrytime timers to re-check
availability of the LDAP server.
|
| |
|
| |
|
|
|
|
|
| |
This also renames the internal nscd module to invalidator for both nslcd
and pynslcd. The new invalidator module is now no longer nscd-specific.
|
|
|
|
| |
This introduces an nfsidmap value for nscd_invalidate which will cause
the nfsidmap -c command to be run.
|
|
|
|
|
| |
The :u flag apparently isn't portable across versions of make and automake
rules complain if a manual page is added twice to a target.
|
| |
|
| |
|
| |
|