Re: ldap+ssl+Active directory

[Howard Chu <hyc@symas.com>]

Andreas wrote:

> On Mon, Jul 05, 2004 at 10:34:32AM -0700, Kurt D. Zeilenga wrote:
> > Not sure what you mean by "set use ssl in ldap.conf"... but if you
> > mean you set 'use ssl' in ldap.conf, I note that OpenLDAP ldap.conf(5)
> > has no 'use ssl' directive.  You might be confusing directives for
> > some other ldap.conf file with OpenLDAP's ldap.conf(5).

> SuSE mixes nss_ldap and pam_ldap's ldap.conf (from PADL software) with 
> openldap's ldap.conf. They are both /etc/openldap/ldap.conf.

Then they've made a poor choice. I just recently installed SuSE 9.1 on 
one of my machines, and I've found a few other poor choices there as 
well; for example, they bundle Berkeley DB 4.2.52 but it doesn't support 
threads/mutexes so slapd linked against it always fails on startup. (The 
only fix in this case is to rebuild BDB yourself.)

As we've seen time and time again on this list, just because the vendor 
put it there is no reason to believe they did it correctly.
--
  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support