* write more unit tests * add sanity checking code (e.g. not too large buffer allocation and checking that host, user, etc do not contain funky characters) in all server modules * log some statistics: "passwd=100 shadow=10 host=20 rpc=10" (10 req/minute) * add an option to create an extra socket somewhere (so it may be used in chroot jails) * make I/O timeout between NSS lib and daemon configurable with configure * protocols/rpc: the description attribute should be used as an alias? * maybe rate-limit LDAP entry warnings * setnetgrent() may need to return an error if the netgroup is undefined * handle repeated calls to getent() better (see http://bugzilla.padl.com/show_bug.cgi?id=376) * make it possible to start nslcd real early in the boot process and have it become available when it determines it can (other timeout/retry mechanism on startup) * implement requesting and handling password policy information when binding as a user (see pam_ldap) * implement nested groups * implement other services in nslcd: sudo and autofs are candidates * complete pynslcd implementation * implement chsh and chfn in nslcd PAM code and make chsh.ldap and chfn.ldap binaries * have nslcd flush the nscd caches when reconnecting to the LDAP server after an error * add a max uid option for PAM module * support changing Samba password attributes on password change * while running NSS tests, check if nscd isn't running * implement keepalives on the LDAP connection