RSS feed

Understanding nscd and caching

[Date Prev][Date Next] [Thread Prev][Thread Next]

Understanding nscd and caching

I’m running nslcd with the latest 0.9.4 release. I’m trying to add caching support so I don’t hit my LDAP server with multiple requests from the same user.

At first I thought the new ‘cache’ config option would help, but it doesn’t appear to cache everything. I then turned on nscd, but I don’t see nslcd making requests to the nscd. Has anyone here set this up? Sample config?


    enable-cache        passwd      yes
    positive-time-to-live   passwd      600
    negative-time-to-live   passwd      20
    suggested-size      passwd      211
    check-files     passwd      yes
    persistent      passwd      yes
    shared          passwd      yes
    max-db-size     passwd      33554432
    auto-propagate      passwd      yes


passwd:     files ldap
shadow:     files ldap
group:      files ldap


uid nslcd
gid ldap

log /var/log/nslcd.debug.log debug

# The LDAP version to use
ldap_version 3

scope sub
pagesize 1000
referrals off
idle_timelimit 800

# The two lines below describes how it should be searched in AD for a user and for a group
filter passwd (objectClass=user)
filter group  (objectClass=group)

# The lines below describe the mapping of Posix attributes to their analogs in AD
map passwd uid sAMAccountName
map passwd homeDirectory "/home/$sAMAccountName"
map    passwd uidNumber     objectSid:S-1-5-21-2052111302-448539723-1801674531
map    passwd gidNumber     objectSid:S-1-5-21-2052111302-448539723-1801674531
map    passwd gecos         displayName
map    passwd loginShell    "/bin/bash"
map    group gidNumber      objectSid:S-1-5-21-2052111302-448539723-1801674531

# ignore case of the search
ignorecase yes

# Secure Socket Layer, yes we do!
ssl on
tls_cacertdir /etc/ssl/certs
tls_reqcert never

cache dn2uid 5m

I did compile nss-pam-ldap with --enable-debug but don’t see any output at the log file specified.

To unsubscribe send an email to or see