1.6. Enabling LDAPI

Inter-process communication (IPC) is a way for separate processes on a Unix machine or a network to communicate directly with each other. LDAPI allows LDAP connections to run over IPC connections, meaning that LDAP operations can run over Unix sockets. These connections are much faster and more secure than regular LDAP connections.

LDAPI is enabled through two configuration attributes:

nsslapd-ldapilisten to enable LDAPI for Directory Server
nsslapd-ldapifilepath to point to the Unix socket file

To enable LDAPI:

Modify the nsslapd-ldapilisten to turn LDAPI on and add the socket file attribute.

# ldapmodify -D "cn=Directory Manager" -W -p 389 -h server.example.com -x

dn: cn=config
changetype: modify
replace: nsslapd-ldapilisten
nsslapd-ldapilisten: on
-
add: nsslapd-ldapifilepath
nsslapd-ldapifilepath: /var/run/slapd-example.socket

Restart the server to apply the new configuration.
```
# systemctl restart dirsrv@instance
```

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories

1.6. Enabling LDAPI