[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Different TLSVerifyClient possible?

To: openldap-software@OpenLDAP.org
Subject: Re: Different TLSVerifyClient possible?
From: Dieter Kluenter <dieter@dkluenter.de>
Date: Wed, 13 Aug 2003 07:53:54 +0200
In-reply-to: <20030812201005.26511.qmail@mail.better-com.de> (Martin Lesser's message of "Tue, 12 Aug 2003 22:10:05 +0200")
References: <OF246E196D.A8B46E86-ON87256D80.0065F333@us.ibm.com> <20030812201005.26511.qmail@mail.better-com.de>
User-agent: Gnus/5.1001 (Gnus v5.10.1) XEmacs/21.4 (Portable Code, linux)

Martin Lesser <admin-openldap@better-com.de> writes:

> Kent Soper writes:
>> For clarification, /etc/ldap.conf is the LDAP PAM configuration file.
>
> No. /etc/[openldap|ldap/]ldap.conf is also used by openldap itself and
> contains at least the uri|host, searchbase etc. which are used by
> ldapsearch et al. Only some (linux-) distributions (debian) split
> ldap.conf (for openldap) and pam_ldap.conf (for pam_ldap) into two
> parts.

Just to make it clear,  pam_ldap requires a configuration file, which
by default is /etc/ldap.conf, but can be renamed at compile time. Any
libldap client requires a configuration file, which by default is
{PREFIX}/etc/openldap/ldap.conf. Both configuration files have nothing
in common. But you MAY rename 'sysconfdir' and 'with-ldap-conf-file'
that both applications use the same configuration file.

-Dieter

-- 
Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter(at)dkluenter.de
http://www.avci.de

References:
- Re: Different TLSVerifyClient possible?
  - From: Kent Soper <dksoper@us.ibm.com>
- Re: Different TLSVerifyClient possible?
  - From: Martin Lesser <admin-openldap@better-com.de>

Prev by Date: enough of replication problem.
Next by Date: conn_max_pending error?
Index(es):
- Chronological
- Thread