[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Reinstate BINDDN in contrib programs (ITS#391)

On  4 Dec, Kurt Zeilenga wrote:
> I do not believe we've changed how any contrib programs handle
> bind DNs.  Please provide additional description of the behavior
> missing and/or desired.

Under UMich LDAP-3.3, all of the contributed client programs included a
BINDDN parameter (eg; MAIL500_BINDDN) which set the BIND DN for the
particular client program (ie; Mail500). The "ldapconfig.h.edit" file
contained options to set the BINDDN for each client program, for

  /* who to bind as */
#define MAIL500_BINDDN    NULL

Under OpenLDAP, all of these client programs have replaced the
"..._BINDDN" parameter with "NULL", and the BINDDN definitions in the
"ldapconfig.h.edit" files have been removed.

What I would like to see is the usage of program specific BIND DN's,
rather than "NULL", with the user settings in the "ldapconfig.h.edit"
file (as they were in UMich LDAP). If a user doesn't care to make any
changes, then they would get a NULL BINDDN as they do now. If they
prefer to have specific DN's to use for BINDing, then they can set them
explicitly in the "ldapconfig.h.edit" file.