[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldaprc with ldaps:// and ldap:// fallback

On 24/06/10 11:57 +0200, Emmanuel Dreyfus wrote:
Dieter Kluenter <dieter@dkluenter.de> wrote:

No, ldapi:/// doesn't present a certificate, but you may establish a
startTLS session to ldapi:///, in this case the client requests a
server certificate.

Let me rephrase: I would like to specify two LDAP servers in ldaprc - one ldapi:/// with anonymous bind
- one ldaps:// with SASL EXTERNAL for and required server certificate

It seems to me it is not possible.

You could do SASL EXTERNAL over both, with ldapi:/// using Unix peercred,


Dan White