Rodney Simioni wrote: > /etc/openldap/ldap.conf # this config file is openldap server's ldap > config file? No, it's a LDAP client config. Mostly likely for OpenLDAP ldap* command-line tools but sometimes also for other components. > /etc/ldap.conf # This config file is for ldap's clients? Sometimes it's used for LDAP clients like pam_ldap, sudo-ldap etc. It also might affect the behaviour of clients implement in a scripting language which uses OpenLDAP client libs through C wrapper modules (like php-ldap, python-ldap, etc.) The way various software and distributions deal with ldap.conf in several directories is a mess and entirely depends on how the software author / Linux distributor built the client software. > If I want to test test if LDAP is configured with TLS/SSL with this > command ldapsearch -d -1 -x -LLL -ZZ, do I need a ldap client config > file? A host parameter is missing (see -H) in the example above. The OpenLDAP command-line tools all have options for specifying all LDAP parameters you might need. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature