ldapclientd.conf(4)ldapclientd.conf(4)NAMEldapclientd.conf - configuration file for the LDAP client daemon
process
SYNOPSISDESCRIPTION
is the configuration file for an LDAP client daemon process that
enables LDAP-UX clients to work with Directory Servers. caches
entries, supports multiple domains in the Windows 2000/2003/2003 R2
Active Directory Server (ADS), automatically downloads the configura‐
tion profiles, supports X.500 group membership, maintains and reuses
connections to the LDAP Directory Server, and manages remote LP print‐
ers.
uses default values for any settings absent from the configuration
file.
If an older version of exists during installation of LDAP-UX, LDAP-UX
stores the new configuration file in and continues to use the old con‐
figuration file.
Configuration File Syntax
The configuration file uses the following syntax:
...
...
The areas in the configuration files are:
ignores any line beginning with a
delimiter.
section The configuration file is segregated into sections
where each section begins with the section name
enclosed by Valid section names are:
setting Specify the setting to configure. The allowed
parameter keywords are different for each section.
See below for details.
value The valid values of each setting will depend on
which parameter is specified. The valid value can
be
Configuration Sections
The valid sections for the configuration files are described here:
Determines if starts automatically when the system boots. The valid
setting are:
By default, this is enabled after LDAP-UX has been configured by
the LDAP-UX setup program
Any cache
setting except defined here will be used as default settings for
all caches and The setting defined here will be used for all
caches except
The following setting can be defined in this section:
Maximum number of connections
can establish to the directory server (or
multiple servers when in a multi-domain
environment.
Default value is 100.
Seconds before an inactive connection to the directory server
is brought down and cleaned up.
Default value is 300.
Number of client request handling threads in
Default value is 10.
Interval (seconds) before next attempt to clean up socket files
created
by LDAP-UX client applications that were
terminated abnormally.
Default value is 300.
Interval (seconds) of how often
should identify and clean up stale cache
entries.
Default value is 10.
How often (seconds) should re-read the LDAP-UX client configura‐
tion file to update internal multiple domain
information
Default value is 600.
Maximum number of bytes that should be cached by
for all services except This value is the
maximum upper limit of memory that can be
used by to cache all services except dynamic
groups. If this limit is reached, new
entries are not cached until enough expired
entries are freed.
Default value is 10000000.
The maximum number of states
allows, as a percentage of A state functions
like a virtual connection between the client
and LDAP server. State connections are cre‐
ated by the enumeration request and stay for
the subsequent fetches from the enumeration.
is a percentage of as we must have more
available connections than enumeration
states. A value of 0% disables enumeration.
Default value is 80%.
If no client requests a
fetch from an enumeration for this specified
time, the enumeration state will be removed,
terminating the enumeration.
Default value is 300.
Seconds before a cache entry expires from the positive cache.
There is no default value for this setting.
Each cache section has its own default
(listed further below). Specifying a value
here under the section will override
defaults in other sections (when there is no
specific definition under that section).
Seconds before a cache entry expires from the negative cache.
Like, there is no default value for this
setting. Each cache section has its own
default.
Cache settings for the
cache (which caches name, uid, and shadow information). The
valid setting under this section are:
only caches entries for this section when it is enabled.
If the cache is not enabled, will query the
directory server for any entry request from
this section.
Since this impacts LDAP-UX client perfor‐
mance and response time, by default, caching
is enabled.
Seconds before a cache entry expires from the positive cache.
Since personal data can change frequently,
this value is typically smaller than the
others.
Default value is 120.
Seconds before a cache entry expires from the negative cache.
Default value is 240.
Cache settings for the group cache (which caches name, gid, and
membership information). The setting are:
only caches entries for this section when it is enabled.
By default, caching is enabled.
Seconds before a cache entry expires from the positive cache.
Since people are added and removed from
groups occasionally, this value is typically
not large. If caching is enabled, this value
must be less than of
Default value is 240.
Seconds before a cache entry expires from the negative cache.
If caching is enabled, this value must be
less than of
Default value is 240.
Cache settings for the netgroup cache.
only caches entries for this section when it is enabled.
By default, caching is enabled.
Seconds before a cache entry expires from the positive cache.
For the same reasons described in the sec‐
tion, this value is typically small.
Default value is 240.
Seconds before a cache entry expires from the negative cache.
Default value is 240.
This cache maps a user's UID to his DN from the directory.
only caches entries for this section when it is enabled.
By default, caching is enabled.
Seconds before a cache entry expires from the positive cache.
Typically, once added into a directory, the
user's DN rarely changes.
Default value is 86400.
Seconds before a cache entry expires from the negative cache.
Default value is 86400.
This cache maps user names and UID's to the domain holding its entry.
only caches entries for this section when it is enabled.
By default, caching is enabled.
Seconds before a cache entry expires from the positive cache.
Since new domains are rarely added to or
removed from the forest, the cache is typi‐
cally valid for a long time.
Default value is 86400.
Seconds before a cache entry expires from the negative cache.
Default value is 86400.
This cache maps group names and GUID's to the domain holding its entry.
only caches entries for this section when it is enabled.
By default, caching is enabled.
Seconds before a cache entry expires from the positive cache.
For the same reasons described in section,
the cache is typically valid for a long
time.
Default value is 86400.
Seconds before a cache entry expires from the negative cache.
Default value is 86400.
Cache settings for the automount cache (which caches automount informa‐
tion).
only caches entries for this section when it is enabled.
By default, caching is enabled.
Seconds before a cache entry expires from the positive cache.
Default value is 1800.
Seconds before a cache entry expires from the negative cache.
Default value is 1800.
This cache maps an automount map to its DN from the directory.
only caches entries for this section when it is enabled.
By default, caching is enabled.
Seconds before a cache entry expires from the positive cache.
Typically, once added into a directory, the
map's DN rarely changes.
Default value is 1800.
Seconds before a cache entry expires from the negative cache.
Default value is 7200.
Cache settings for the dynamic group cache (which caches dynamic mem‐
bers
of groups, and dynamic groups that users belong to):
Maximum number of bytes that should be cached by
for dynamic groups. This value is the maxi‐
mum upper limit of memory that can be used
by to cache dynamic group information. If
this limit is reached, new entries are not
cached until enough expired entries are
freed.
Default value is 10000000.
only caches entries for this section when it is enabled.
By default, caching is enabled.
Seconds before a cache entry expires from the positive cache.
If group caching is enabled, this value must
be greater than of
Default value is 43200 (i.e. 12 hours).
Seconds before a cache entry expires from the negative cache.
If group caching is enabled, this value must
be greater than of
Default value is 43200 (i.e. 12 hours).
User configurable parameters for the printer configurator.
Define the status of the printer configurator when
starts. means printer configurator service
will be enabled when starts. means printer
configurator will be disabled when starts.
By default, the printer configurator is
enabled.
Define the maximum printer objects that the printer configurator
will handle.
Default value is 50.
Define the interval, in second, between printer configurator
searches
for printer objects.
Default value is 86400.
EXAMPLE
The following is a sample configuration file.
#
# My example ldapclientd daemon configuration file
#
[StartOnBoot]
enable=yes
# remember, /opt/ldapux/config/setup can directly enable StartOnBoot.
[general]
max_conn=20
connection_ttl=120
num_threads=10
socket_cleanup_time=300
cache_cleanup_time =10
update_ldapux_conf_time=600
cache_size=10000000
poscache_ttl=5000000
[passwd]
enable=yes
poscache_ttl=1000003
[group]
enable=yes
# note: group's poscache_ttl uses the default
# defined under general: 5000000.
# Because it's not under general, negcache_ttl
# will be the ldapclientd default: 240.
[netgroup]
enable=no
[uiddn]
poscache_ttl = 50000
negcache_ttl = 30000
enable=yes
[domain_pwd]
enable=yes
[domain_grp]
enable=yes
[automount]
enable=yes
[automountmap]
enable=yes
[dynamic_group]
cache_size=20000000
enable=yes
poscache_ttl=5500000
[printers]
start=yes
max_printers=50
search_interval=86400
DIAGNOSTICS
When starts, it reads the configuration file and points out
errors during parsing. This error message is accompanied by the
line showing exactly where could not recognize the syntax or
found that the setting is out of range.
WARNINGS
Whenever the system is rebooted, launches if has in the configuration
file.
Downloading profiles may take time, depending on server response time
and the number of profiles listed in the LDAP-UX configuration file
AUTHOR
was developed by Hewlett-Packard Company
FILES
The configuration file.
LDAP-UX cache daemon process that improves performance and extends
capabilities of LDAP-UX clients.
LDAP-UX setup program.
setup completes,
LDAP-UX client services configuration file.
Contains settings like logging and domains.
Automatically downloaded local copies of directory
profiles for each
domain listed in These files should not be
modified manually.
SEE ALSOldapclientd(1M), rc(1M), rc.config(4), ldapux(5).
ldapclientd.conf(4)