[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Slurpd and TLS/SSL

To: openldap-software@OpenLDAP.org
Subject: Re: Slurpd and TLS/SSL
From: Howard Chu <hyc@symas.com>
Date: Thu, 13 Oct 2005 12:30:57 -0700
In-reply-to: <20051013183921.47490E158@jimsun.linxnet.com>
References: <20051013183921.47490E158@jimsun.linxnet.com>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20050925 SeaMonkey/1.1a

Jim Seymour wrote:

Remember that slurpd is an LDAP client, not an LDAP server. It only extracts a few bits of info out of slapd.conf, the rest of its configuration (including TLS parameters) must be set via ldap.conf.
Got here O'Reilly's "LDAP System Administration" (now rather
out-of-date, but still useful) and the OpenLDAP.org admin guide.
Neither mentions anything about ldap.conf in relation of replication.
Is now the point at which I mention I'm more confused than ever?

In that case, now would be the point to say RTFM. From the slurpd(8) man page, DESCRIPTION section:

Note that slurpd reads *replication* directive from *slapd.conf* <http://192.168.1.1/%7Ehyc/man/man5/slapd.conf.5>(5), but uses *ldap.conf* <http://192.168.1.1/%7Ehyc/man/man5/ldap.conf.5>(5) to obtain other configuration settings (such as TLS settings).

I would also mention that as far as I know, nobody working on that O'Reilly book ever contacted anyone on the OpenLDAP project re: reviewing its content. (And yes, we have done so when asked by other authors in the past.) As such, the book's technical accuracy and best-practice suggestions are somewhat questionable.

--
 -- Howard Chu
 Chief Architect, Symas Corp.  http://www.symas.com
 Director, Highland Sun        http://highlandsun.com/hyc
 OpenLDAP Core Team            http://www.openldap.org/project/

References:
- Re: Slurpd and TLS/SSL
  - From: jseymour@linxnet.com (Jim Seymour)

Prev by Date: Re: Slurpd and TLS/SSL
Next by Date: Re: Slurpd and TLS/SSL
Index(es):
- Chronological
- Thread