does that cause problems? because i just symlink libnss-ldap.conf and pam_ldap.conf to ldap.conf for ease of managementHi,
James <james@nttmcl.com> writes:
Dieter Kluenter wrote:[...]
"Dieter Kluenter" <dieter@dkluenter.de> writes:
James <james@nttmcl.com> writes:
timelimit 120And what is the TLS part of the consumer slapd.conf looking like?
Sorry, my fault, it should read ldap.conf
-Dieter
bind_timelimit 120
idle_timelimit 3600
nss_initgroups_ignoreusers
root,ldap,named,avahi,haldaemon,postfix,messagebus
URI ldaps://master.example.com
BASE dc=example,dc=com
ldap_version 3
pam_password exop
ssl on
tls_ciphers HIGH:MEDIUM:+SSLv2:RSA
tls_checkpeer no
TLS_CACERT /etc/ssl/cacert.pem
TLS_REQCERT allow
Most of this are not valid parameters for OpenLDAP. This file is a mixture of pam_ldap.conf and openldap/ldap.conf
-Dieter