[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: DNS discovery for OpenLDAP?

To: openldap-technical@openldap.org
Subject: Re: DNS discovery for OpenLDAP?
From: Jaap Winius <jwinius@umrk.nl>
Date: Sun, 07 Mar 2010 05:12:13 +0100
Content-disposition: inline
In-reply-to: <4B919B75.8080601@symas.com>
References: <20100306001740.02lm9par0e84sws4@www.umrk.nl> <87eijy8hmg.fsf@windlord.stanford.edu> <4B919B75.8080601@symas.com>
User-agent: Internet Messaging Program (IMP) H3 (4.1.5)

Quoting Howard Chu <hyc@symas.com>:

Russ Allbery wrote:


I'm not sure if this is also available directly in the library or if the
client has to implement it.

This feature is implemented in the OpenLDAP client code, not in libldap.


Okay, so I created these DNS records in my example.com zone file:

   _ldap._tcp   IN   SRV   10 0 389 server1
   _ldap._tcp   IN   SRV   20 0 389 server2

... and I got this to work:

   ldapsearch -H ldap:///dc%3Dexample%2Cdc%3Dcom uid=jsmith

(That's "dc=example,dc=com" escaped according to RFC 2396).

However, if /etc/ldap/ldap.conf could be configured like this:

   BASE    dc=example,dc=com
   URI     ldap:///dc%3Dexample%2Cdc%3Dcom

... and /etc/libnss-ldap.conf and /etc/pam_ldap.conf could supportabout the same, now that would be more like it! Unfortunately, thatdoesn't work.

Correct me if I'm wrong, but I get the impression that none of theabove will be possible until support for DNS SRV records is added tolibldap.


Thanks,

Jaap

Follow-Ups:
- Re: DNS discovery for OpenLDAP?
  - From: Buchan Milne <bgmilne@staff.telkomsa.net>

References:
- DNS discovery for OpenLDAP?
  - From: Jaap Winius <jwinius@umrk.nl>
- Re: DNS discovery for OpenLDAP?
  - From: Russ Allbery <rra@stanford.edu>
- Re: DNS discovery for OpenLDAP?
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: Many entries, deletes getting painfully slow
Next by Date: Re: DNS discovery for OpenLDAP?
Index(es):
- Chronological
- Thread