[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldaprc with ldaps:// and ldap:// fallback



Dan White <dwhite@olp.net> wrote:

> You could do SASL EXTERNAL over both, with ldapi:/// using Unix peercred,
> i.e.:
> 
> authz-regexp
>    ".*uidNumber=([^,]+),cn=peercred,cn=external,cn=auth"
>    ldap:///ou=People,dc=example,dc=net??one?(uidNumber=$1)

That sounds nice, but will it works with the "TLS_REQCERT demand" I have
for ldaps:// ?

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@netbsd.org