[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: Change over to anonymous binds
You can always use the /etc/hosts file, just put the fully qualified name and
whatever valid addresses in there. Set /etc/nsswitch.conf with
hosts: files dns
to make sure you get your local info first.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support
> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Tony Earnshaw
> Sent: Monday, August 19, 2002 9:59 AM
> To: Kurt D. Zeilenga
> Cc: Jim C; openldap-software@OpenLDAP.org; paul
> Subject: Re: Change over to anonymous binds
>
>
> man, 2002-08-19 kl. 18:05 skrev Kurt D. Zeilenga:
>
> > Whatever works fine for you is fine for you. But I think it
> > is not a general solution to dealing with such situations,
> > namely because the certificate would only be usable if the
> > client was on the local host and connected to "localhost"
> > and didn't map "localhost" to your local host name (as
> > some clients do).
>
> Good point! Now all I have to do is to find the time, take the trouble
> and *dare* to change things - that (at the moment) work fine already.
>
> > A better approach would be to configure your name resolution
> > system such that billy.demon.nl resolved to the appropriate
> > address (which may change over time) of your server. At
> > times, may the appropriate address is 127.0.0.1... but
> > I would suggest you set up your addressing/routing such
> > that 212.238.97.135 is appropriate at all times.
>
> My infantile intelligence tells me: "You can't be authoritative for
> billy.demon.nl without being authoritative for demon.nl."
>
> But the the grandpa with *his* intelligence chips in: "If you're already
> authoritative for localhost.demon.nl, why can't you also be
> authoritative for a single other node in that particular zone?"
>
> Thanks Kurt!
>
> I'll let you know :-)
>
> Best,
>
> Tony
>
> --
>
> Tony Earnshaw
>
> The usefulness of RTFM is vastly overrated.
>
> e-post: tonni@billy.demon.nl
> www: http://www.billy.demon.nl
> gpg public key: http://www.billy.demon.nl/tonni.armor
>
> Telefoon: (+31) (0)172 530428
> Mobiel: (+31) (0)6 51153356
>
> GPG Fingerprint = 3924 6BF8 A755 DE1A 4AD6 FA2B F7D7 6051 3BE7 B981
> 3BE7B981
>
>
>
>
>