For anyone interested, I've released an NSS overlay for slapd in OpenLDAP's
contrib/slapd-modules/nssov directory. This overlay uses the same protocol as
Arthur de Jong's nss-ldapd, but uses slapd to answer the requests directly
instead of going thru some other intermediate daemon. Since the overlay is
configured inside slapd, more of your LDAP configuration is centralized in a
single place, making overall administration simpler. It offers most of the
advantages of nss-ldapd, and also provides the possibility for local caching
of remotely mastered LDAP credentials (just use back-ldap+pcache), full
synchronization for disconnected operation (just use syncrepl), etc. etc.
Feedback welcome, here or on the openldap-technical mailing list. Currently it
is only in CVS HEAD; may be released in 2.4.11.
--
-- Howard Chu
CTO, Symas Corp.
http://www.symas.com Director, Highland Sun
http://highlandsun.com/hyc/ Chief Architect, OpenLDAP
http://www.openldap.org/project/
