[Date Prev][Date Next]
Re: Slurpd and TLS/SSL
Jim Seymour wrote:
In that case, now would be the point to say RTFM. From the slurpd(8) man
page, DESCRIPTION section:
Remember that slurpd is an LDAP client, not an LDAP server. It only
extracts a few bits of info out of slapd.conf, the rest of its
configuration (including TLS parameters) must be set via ldap.conf.
Got here O'Reilly's "LDAP System Administration" (now rather
out-of-date, but still useful) and the OpenLDAP.org admin guide.
Neither mentions anything about ldap.conf in relation of replication.
Is now the point at which I mention I'm more confused than ever?
Note that slurpd reads *replication* directive from *slapd.conf*
<http://192.168.1.1/%7Ehyc/man/man5/slapd.conf.5>(5), but uses
*ldap.conf* <http://192.168.1.1/%7Ehyc/man/man5/ldap.conf.5>(5) to
obtain other configuration settings (such as TLS settings).
I would also mention that as far as I know, nobody working on that
O'Reilly book ever contacted anyone on the OpenLDAP project re:
reviewing its content. (And yes, we have done so when asked by other
authors in the past.) As such, the book's technical accuracy and
best-practice suggestions are somewhat questionable.
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/