ldapcd.conf(4) Kernel Interfaces Manual ldapcd.conf(4)NAME
ldapcd.conf - Configuration file for the single sign-on daemon.
SYNOPSIS
# comment_string parameter: integer identifier: string identifier: "quoted_string,quoted_string,..."
DESCRIPTION
The ldapcd.conf file stores the current configuration of the Windows 2000 Single Sign-on daemon (SSO). The information stored in the file
is specified when you configure Windows 2000 Single Sign-on and is not normally changed.
The ldapcd.conf file also contains the default operating parameters for the daemon which you can tune for performance. You might need to
tune performance if users wait a long period of time for the UNIX server system to respond.
To tune the Windows 2000 SSO software, use a text editor to modify the values of the caching parameters as follows: The number of open con-
nections that the caching daemon makes to the active directory. Increasing the value of this entry opens more connections to the active
directory, however this consumes more file descriptors and increases the load on the active directory. Typically, 4 connections are ade-
quate for a workstation and 15 connections are adequate for a server.
Default: 4 connections The maximum number of user entries to store in cache. Increase or decrease this value as the maximum number
of users increases or decreases.
Default: 500 entries The maximum number of seconds to cache a user entry. Increasing this value increases performance because a
user's entry is readily available in the cache. If you delete a recently used user account, its entry remains in the cache for the
amount of time specified by this parameter.
Default: 900 seconds. The maximum number of group IDs to cache. Increasing this value increases performance because group IDs are
readily available in the cache.
Default: 100 group IDs The maximum number of seconds to cache group IDs.
Default: 900 seconds
Using a Revised Configuration
If you change the value of a cache parameter in the /etc/ldapcd.conf file, you must enter the following command to read the new configura-
tion and restart the daemon: # /sbin/init.d/ldapw2k restart
EXAMPLES
The following example shows a typical configuration file: # connections: 4 pw_cachesize: 500 pw_expirecache: 900 gr_cachesize: 100
gr_expirecache: 900
usesasl: 1
directory: server1 searchbase: "cn=users,DC=SSO,DC=TWOTEN,DC=COM" machine_acctname: emera.ggg.bbb.com machine_dn: "cn=emera,cn=comput-
ers,DC=SSO,DC=TWOTEN,DC=COM"
FILES
Location of the file.
RELATED INFORMATION
Commands: ldapcd(8), lw2ksetup(8)
Windows 2000 Single Sign-On Installation and Administration Guide. delim off
ldapcd.conf(4)
Check Out this Related Man Page
nscd(1M) System Administration Commands nscd(1M)NAME
nscd - name service cache daemon
SYNOPSIS
/usr/sbin/nscd [-f configuration-file] [-g] [-e cachename, yes | no] [-i cachename]
DESCRIPTION
nscd is a process that provides a cache for the most common name service requests. The default configuration-file /etc/nscd.conf determines
the behavior of the cache daemon. See nscd.conf(4).
nscd provides caching for the passwd(4), group(4), hosts(4), ipnodes(4), exec_attr(4), prof_attr(4), and user_attr(4) databases through
standard libc interfaces, such as gethostbyname(3NSL), getipnodebyname(3SOCKET), gethostbyaddr(3NSL), and others. Each cache has a separate
time-to-live for its data; modifying the local database (/etc/hosts, /etc/resolv.conf, and so forth) causes that cache to become invali-
dated upon the next call to nscd. The shadow file is specifically not cached. getspnam(3C) calls remain uncached as a result.
nscd also acts as its own administration tool. If an instance of nscd is already running, commands are passed to the running version trans-
parently.
In order to preserve NIS+ security, the nscd service checks the permissions on the passwd table if NIS+ is being used. If this table cannot
be read by unauthenticated users, then nscd will make sure that any encrypted password information returned from the NIS+ server is sup-
plied only to the owner of that password.
OPTIONS
Several of the options described below require a cachename specification. Supported values are passwd, group, hosts, ipnodes, exec_attr,
prof_attr, and user_attr.
-f configuration-file Causes nscd to read its configuration data from the specified file.
-g Prints current configuration and statistics to standard output. This is the only option executable by non-root
users.
-e cachename, yes|no Enables or disables the specified cache.
-i cachename Invalidate the specified cache.
EXAMPLES
Example 1: Stopping and restarting the nscd daemon.
example# svcadm disable system/name-service-cache
example# svcadm enable system/name-service-cache
FILES
/etc/nscd.conf Determines athe behavior of the cache daemon
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcsu |
+-----------------------------+-----------------------------+
SEE ALSO svcs(1), svcadm(1M), getspnam(3C), gethostbyname(3NSL), getipnodebyname(3SOCKET), exec_attr(4), group(4), hosts(4), ipnodes(4),
nscd.conf(4), nsswitch.conf(4), passwd(4), prof_attr(4), user_attr(4), attributes(5),
NOTES
The output from the -g option to nscd is subject to change. Do not rely upon it as a programming interface.
The nscd service is managed by the service management facility, smf(5), under the service identifier:
svc:/system/name-service-cache
Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using svcadm(1M). The ser-
vice's status can be queried using the svcs(1) command.
SunOS 5.10 30 Oct 2003 nscd(1M)