Man Linux: Main Page and Category List


       finger-ldap - a wrapper around finger for LDAP


       finger-ldap [-lmsp] [user ...]  [user@host ...]


       The  finger-ldap displays information about the system users, much like

       By default, finger will match against users’ real names, unless it  has
       been passed the -m option.  However, it does this in a very inefficient
       way.  It queries the Name Service Switch  for  all  the  users  on  the
       system,  and  does  the  pattern matching itself.  This causes the LDAP
       server to read all its entries out of the database and push  them  over
       the  wire—load  on  the  server  will spike, and your network will slow

       However, this does not have to happen.  LDAP has a very  decent  system
       for  matching  substrings of real names, documented in RFC 2254.  Since
       finger can perform simple lookups on login names which cause  the  LDAP
       server  to  only  return  the  requested  users’  data, we can pass the
       correct login names to finger for efficient  operation.   What  finger-
       ldap  does  is  to perform queries like finger would, using LDAP search
       string syntax, in order to resolve the correct login  names.   Then  it
       passes  these login names to finger -m which formats the output nicely.

       In order to discover which LDAP server to use,  and  what  the  correct
       domain  name  is,  finger-ldap  relies on the Name Switch Service to be
       properly configured to use LDAP.   This  means  that  the  /etc/libnss-
       ldap.conf  configuration  file contains entries listing the base domain
       name (base fields) and also the LDAP servers (uri or host fields).




       Simon Law


       finger(1), libnss-ldap.conf(5).