Show Table of Contents
1.6. Enabling LDAPI
Inter-process communication (IPC) is a way for separate processes on a Unix machine or a network to communicate directly with each other. LDAPI allows LDAP connections to run over IPC connections, meaning that LDAP operations can run over Unix sockets. These connections are much faster and more secure than regular LDAP connections.
LDAPI is enabled through two configuration attributes:
nsslapd-ldapilisten
to enable LDAPI for Directory Servernsslapd-ldapifilepath
to point to the Unix socket file
To enable LDAPI:
- Modify the
nsslapd-ldapilisten
to turn LDAPI on and add the socket file attribute.# ldapmodify -D "cn=Directory Manager" -W -p 389 -h server.example.com -x dn: cn=config changetype: modify replace: nsslapd-ldapilisten nsslapd-ldapilisten: on - add: nsslapd-ldapifilepath nsslapd-ldapifilepath: /var/run/slapd-example.socket
- Restart the server to apply the new configuration.
# systemctl restart dirsrv@instance