pavement

NSSwitch

From FreeBSDwiki
Jump to: navigation, search

Name Server Switch, NSSwitch, is a service on FreeBSD (and most other variants, including Linux) that offers a means to resolve queries regarding network addresses, users and groups.

Original UNIX and Unix-like servers utilised files in /etc for referencing hosts, users (now within passwd on FreeBSD) and groups. This was acceptable when such servers were run in stand-alone implementations. With the advent of networked environments came central sources for name resolution in the form of DNS and user authentication from LDAP-style services (Active Directory being a well known variant).

This is where NSSwitch came into existence, developed as a central point for services on a Unix server to send queries to. For example, a service such as SSH will pass an authentication request onto NSSwitch. NSSwitch will look at its configuration file and determine the subsystem(s) with which to pass the request. This could be the traditional Unix users file or, with the appropriate support library, a network based service like LDAP as well as other services.

The WINBIND service is also a support library for NSSwitch that permits the use of Active Directory and NT Domain authentication within FreeBSD.

In a similar way to user authentication NSSwitch can also handle network name resolution by using the traditional Unix hosts file, external DNS servers or other systems if supported by a suitable library.

Personal tools