Re: LDAPI documentation (was Re: Graphical LDAP clients with SASL support)

[Tony Earnshaw <tonye@billy.demon.nl>]

søn, 07.03.2004 kl. 18.19 skrev Kevin:

> What's a good source of documentation on ldap and unix 
> domain sockets?  I see it mentioned, but only briefly 
> in the slapd man page.
> 
> I find only one mention of ldapi in the OpenLDAP 
> Administrator's Guide and it's not explanatory.

In addition to what Dieter writes, I start up slapd (from my RedHat
/etc/rc.d/init.d/ldap script with:

umask 0
daemon ${slapd} -u ldap -h '"ldap:/// ldaps:///
ldapi://%2Fusr%2Flocal%2Fvar%2Fslapd%2Fldapi/????x-mod=0777"' $OPTIONS
$SLAPD_OPTIONS

(the long line should be given on a single line). I was trying to put
the socket into a directory /usr/local/var/slapd and protect that
directory from other users than "ldap", but that didn't work, for some
reason (it bleeding well should) - the whole thing has to be world
read/write - yuk. You'll need the "/????x-mod=0777" addition, plus for
Openldap 2.2.x the "umask 0", otherwise it won't work.

The %2F are coded slashes.

My docs? 'man slapd', plus Dieter's stuff. I have to thank Howard Chu,
Igor B. on this list, and Liviu Daia on the Postfix list (and sometimes
on this list :) for the fact that it all works. Just dive in and do it ;)
It works with just about everything for 2.1.x and 2.2.x - apart from
pam_ldap/nss_ldap, and of course the clients for which it doesn't, like
GQ and directory_administrator.

--Tonni

-- 

mail: billy - at - billy.demon.nl
http://www.billy.demon.nl