Hi
I hope this is not covered in a FAQ (I searched without success): how do I configure clients to query multiple LDAP servers while using TLS?
Listing the servers in ldap.conf's URI works, but I'd prefer to have the server list stored in DNS, as it would allow adding a server without the need to change all clients' configuration.
Having a rotating DNS entry for ldap.example.net causes the TLS checks to fail.
And OpenLDAP client library does not perform DNS SRV lookups.
OpenLDAP 2.4 will (just to note)
Is there some kind of trick to get this done properly?
Use a cert with a correct subjectAltName, or a wildcard cert.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
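An added example, not part of the thread, showing why a client that connects to the shared name ldap.example.net fails TLS hostname verification against per-server certificates, and how adding that name to each certificate's subjectAltName (or using a wildcard certificate) makes the check pass. The hostnames and SAN lists are constructed, and the matching rules are the common ones (case-insensitive exact match; a wildcard only as the whole leftmost label, matching one label); a given client library may be stricter.

```python
# Added example: TLS hostname verification against subjectAltName DNS names,
# applied to a round-robin LDAP name. All names below are constructed.

def hostname_matches(hostname, san_dns_names):
    """Return True if hostname is covered by one of the SAN dNSName entries."""
    host = hostname.lower().rstrip(".")
    for name in san_dns_names:
        name = name.lower().rstrip(".")
        if name == host:
            return True
        # A wildcard is accepted only as the complete leftmost label,
        # e.g. "*.example.net", and it matches exactly one label.
        if name.startswith("*.") and "*" not in name[2:]:
            host_labels = host.split(".")
            name_labels = name.split(".")
            if (len(host_labels) == len(name_labels)
                    and host_labels[1:] == name_labels[1:]):
                return True
    return False


def check_cluster(client_host, per_server_sans):
    """For each server, report whether a client connecting as client_host
    would accept that server's certificate."""
    return {srv: hostname_matches(client_host, sans)
            for srv, sans in per_server_sans.items()}


# Constructed scenario: clients use the round-robin name, which resolves to
# one of three real servers, each presenting its own certificate.
CLIENT_URI_HOST = "ldap.example.net"
ROUND_ROBIN_HOSTS = ["ldap1.example.net", "ldap2.example.net", "ldap3.example.net"]

# Certificates naming only the individual server: every connection made via
# the round-robin name fails hostname verification.
PER_HOST_ONLY = {h: [h] for h in ROUND_ROBIN_HOSTS}
# Fix 1: each server's certificate also carries the shared name in its SAN.
WITH_SHARED_SAN = {h: [h, CLIENT_URI_HOST] for h in ROUND_ROBIN_HOSTS}
# Fix 2: one wildcard certificate for the zone on every server.
WILDCARD = {h: ["*.example.net"] for h in ROUND_ROBIN_HOSTS}

if __name__ == "__main__":
    for label, sans in (("per-host only", PER_HOST_ONLY),
                        ("shared SAN", WITH_SHARED_SAN),
                        ("wildcard", WILDCARD)):
        print(label, check_cluster(CLIENT_URI_HOST, sans))
```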