5.3 Files Modified by Linux User Management

When Linux User Management is installed, the install process adds the eDirectory source (by using the string nam) to the passwd and group database entries in the /etc/nsswitch.conf file to activate the Linux User Management accounts. For example, the entries might be modified to include nam as follows:

passwd: files  nam  nisplus
shadow:  files  nam  nisplus
group:  files  nam  nisplus

The installation also modifies PAM-enabled service files in the /etc/pam.d./ directory to use eDirectory authentication.

5.3.1 The namcd Linux User Management Caching Daemon

When nss_nam receives name service requests, it contacts the eDirectory caching daemon, namcd, which is responsible for retrieving and caching entries from eDirectory.

The namcd daemon caches the fully distinguished name (FDN) of User objects. Whenever the pam_nam and the nss_nam modules access the eDirectory database to retrieve a User object, the namcd daemon caches the FDN of that User object. eDirectory searches the cache before accessing the eDirectory database, making the access quicker. The behavior of namcd is determined by the configuration parameters set in the /etc/nam.conf configuration file.

The namcd daemon also provides a persistent cache on workstations, which improves access time if the data does not change frequently. If you enable persistent caching, all user profiles, group profiles, and the FDNs of User objects are cached. If persistent caching is disabled, only the User FDNs are cached. You can enable or disable persistent caching by setting the enable-persistent-cache parameter in the /etc/nam.conf file. By default, persistent caching is disabled.

5.3.2 Starting and Stopping namcd

To start the namcd daemon:

/etc/init.d/namcd   start

To stop the namcd daemon:

/etc/init.d/namcd stop

The namcd daemon can be configured by using the namconfig utility. Its configuration parameters are set in the /etc/nam.conf file. For more information, refer to Section 6.2, Editing the nam.conf File.