LDAP Setup and Configuration Guide

LDAP as a Naming Service in the Solaris Operating Environment

In Solaris, LDAP, like NIS and NIS+, can be used by the naming service switch to allow Solaris clients to obtain naming information.

The predominant protocol-independent interfaces to naming services within Solaris are the standard getXbyY APIs. An application using getXbyY() calls (e.g., gethostbyname(3NSL)) goes through the naming service switch, which in turn calls the appropriate source protocol. In the case of LDAP, it calls LDAP APIs to retrieve information from an LDAP server. See nsswitch.conf(4) for more information about the naming service switch.
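The order in which the switch consults each source is set per database in nsswitch.conf(4). The following is an added example, not part of the original guide: it parses a constructed nsswitch.conf sample and reports which databases consult ldap and whether ldap is tried before local files. The function names and the sample contents are assumptions made for illustration.

```python
import re

# Constructed sample in nsswitch.conf(4) syntax (not from the guide).
SAMPLE = """\
passwd:     files ldap
group:      files ldap
hosts:      ldap [NOTFOUND=return] files
networks:   files
automount:  files ldap   # trailing comment
"""

def parse_nsswitch(text):
    """Return {database: [(source, {STATUS: action}), ...]} in lookup order."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if ":" not in line:
            continue
        database, rest = line.split(":", 1)
        entries = []
        # A token is either a source name or a bracketed criteria list.
        for token in re.findall(r"\[[^\]]*\]|\S+", rest):
            if not token.startswith("["):
                entries.append((token.lower(), {}))
                continue
            if not entries:
                raise ValueError(f"criteria before any source: {raw!r}")
            # Criteria such as [NOTFOUND=return] belong to the preceding source.
            for pair in token[1:-1].split():
                status, _, action = pair.partition("=")
                entries[-1][1][status.upper()] = action.lower()
        table[database.strip().lower()] = entries
    return table

def ldap_databases(table):
    """Map each database that consults ldap to True when no files source precedes ldap."""
    result = {}
    for database, entries in table.items():
        names = [name for name, _ in entries]
        if "ldap" in names:
            result[database] = "files" not in names[:names.index("ldap")]
    return result

if __name__ == "__main__":
    for db, ldap_first in ldap_databases(parse_nsswitch(SAMPLE)).items():
        print(f"{db}: ldap consulted {'first' if ldap_first else 'after files'}")
```

Databases where ldap is tried first, such as hosts in the sample, take their answers from the directory whenever it responds, so the integrity of those lookups depends on the directory and the connection to it.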

Figure 1–1 shows an overview of the relationship of the name services, the naming service switch, and the various parts of the LDAP implementation.

Figure 1–1 Architecture Overview


In addition to all the features of LDAP previously mentioned, Solaris client configuration and maintenance are greatly simplified by storing client profiles in the directory. Each client runs a daemon that is responsible for refreshing the configuration by downloading the latest profile from the directory. When a change is required in client configuration (such as the addition of new LDAP servers, changes in security model, and so on), the system administrator merely modifies the appropriate profile(s), and the clients get the latest configuration automatically. See ldap_cachemgr(1M) for more information.