Subject: Re: LDAP NSS for NetBSD
To: Love <firstname.lastname@example.org>
From: James Chacon <jmc@NetBSD.org>
Date: 02/22/2005 09:23:56
On Tue, Feb 22, 2005 at 08:55:41AM +0100, Love wrote:
> Luke Mewburn <lukem@NetBSD.org> writes:
> > On Sun, Feb 20, 2005 at 10:29:09PM +1100, Timshel Knoll-Miller wrote:
> > | Hi,
> > |
> > | I'm not entirely sure that this is the right list - I'm fairly new to
> > | NetBSD...
> > |
> > | I'm thinking about writing a BSD licensed LDAP nss backend for NetBSD
> > | -current's modular nsswitch.
> > Sound's good; ldap is one of the services I'd like to see a clean
> > module for.
> I think something like nscd/winbind/lookupd is needed here. The overhead of
> TLS connections is to much for the LDAP server, its hard to do TLS
> connection reuse, there no where to save the session data.
> Sorry for introducing requirements, but experience work showed using a
> couple 100's clients with no tls caching made the ldap servers real
What kind of ldap servers? We use ldap+tls here w. > 100 clients and a
couple of those are extrememly busy (think imap logins for 30,000+ users).
The LDAP servers keep up fine with that.