Arthur de Jong is doing a complete redesign of nss_ldap, splitting the structure into two different parts: a daemon that handles the LDAP requests proper and a thin NSS conector that communicates with the daemon over a Unix socket. NSS-LDAPD This is interesting as it avoids each and every process that utilizes name lookups to load the whole LDAP library and cuts down severely on connections to the directory servers. Documentation is a bit sparse at the moment, but the overview is good, and the project’s README and HACKING files are quite detailed. Note to self: look into this as soon as possible.

LDAP, Linux, DNS, Security, and CLI :: 12 Jun 2007 :: e-mail