[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Change over to anonymous binds



søn, 2002-08-18 kl. 13:56 skrev paul:

> > Clue please?

> Use FQDN instead of 127.0.0.1. If your' using ssl with a self signed 
> certificate, the HOST entry in ldap.conf should be the same as the 
> CommonName field in the cert.

Seconded. What I'm doing now is known in Engish English as "picking up
fag ends" which means "picking up half smoked cigarette ends", which
means "picking up trails half way through", which is what I'm doing
here.

I don't use Solaris for ldap, but everything you describe and want,
works perfectly for me under Linux.

I have to have "localhost" in the certificates. Some things work if I
have "127.0.0.1", others not. "localhost." (note the dot) works in some
cases, some not. "localhost" works perfectly (no dot!).

I have a caching nameserver on a dialup connection. My domain is
billy.demon.nl, which isn't always on line. "localhost" gets translated
by my resolver to "localhost.demon.nl". If I don't have a DNS zone
"localhost.demon.nl" for which my node is authoritative, I have to wait
a   * l o n g *   time for every single thing I do.

So I don't just have the standard BIND zone localhost.zone, but I also
have billy.zone, which makes me authoritative for localhost.demon.nl .

Then there's absolutely no wait.

Best,

Tony

-- 

Tony Earnshaw

The usefulness of RTFM is vastly overrated.

e-post:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl
gpg public key:	http://www.billy.demon.nl/tonni.armor

Telefoon:	(+31) (0)172 530428
Mobiel:		(+31) (0)6 51153356

GPG Fingerprint = 3924 6BF8 A755 DE1A 4AD6 FA2B F7D7 6051 3BE7 B981
3BE7B981