Re: ldap+ssl+Active directory

[Ralf Haferkamp <rhafer@suse.de>]

On Monday 05 July 2004 20:02, Howard Chu wrote:
> Andreas wrote:
> > On Mon, Jul 05, 2004 at 10:34:32AM -0700, Kurt D. Zeilenga wrote:
> >>Not sure what you mean by "set use ssl in ldap.conf"... but if you
> >>mean you set 'use ssl' in ldap.conf, I note that OpenLDAP ldap.conf(5)
> >>has no 'use ssl' directive.  You might be confusing directives for
> >>some other ldap.conf file with OpenLDAP's ldap.conf(5).
> >
> > SuSE mixes nss_ldap and pam_ldap's ldap.conf (from PADL software) with
> > openldap's ldap.conf. They are both /etc/openldap/ldap.conf.
>
> Then they've made a poor choice. I just recently installed SuSE 9.1 on
> one of my machines, and I've found a few other poor choices there as
> well; for example, they bundle Berkeley DB 4.2.52 but it doesn't support
> threads/mutexes so slapd linked against it always fails on startup. (The
> only fix in this case is to rebuild BDB yourself.)

Weird, I have been using the bundled Berkeley DB for month with various 
OpenLDAP versions now. Of course it supports threads and shared mutexes. On 
what kind of hardware did you install it? Are you using a custom kernel or 
glibc? Note: I think we should take the off the list, as it seems off topic 
here.

> As we've seen time and time again on this list, just because the vendor
> put it there is no reason to believe they did it correctly.

-- 
Ralf Haferkamp
SUSE LINUX AG, Maxfeldstrasse 15-19, D-90409 Nuernberg
T: +49-911-74053-0
F: +49-911-74053575 - Ralf.Haferkamp@suse.com