[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Help with openldap and starttls



Ok - this is actually very helpful...

So I think I have just one set of remaining questions:

1) In /etc/openldap/ldap.conf, I currently have:
URI     ldapi://127.0.0.1/

What value should I have there?  Do I need the server name such as:
URI ldapi://mydomain.com/

2) what command line parameters do I want to run openldap with?
Currently mine is running with:
 /usr/sbin/slapd -u ldap -h ldap://127.0.0.1:389 ldaps://127.0.0.1:636

It seems I should at least be removing the *:636 part since it will be using STARTTLS, correct?






It depends on your system.  On most, it is not.  Ususally, it is /etc/openldap/ldap.conf or /etc/ldap/ldap.conf.  /etc/ldap.conf is most often for nss_ldap/pam_ldap, which uses entirely different options.  This has been covered on the list many times.

--Quanah

--

Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration