[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap.conf search order problem

To: Michel Gruau <michel.gruau@laposte.net>
Subject: Re: ldap.conf search order problem
From: Dan White <dwhite@olp.net>
Date: Fri, 5 Aug 2011 09:00:43 -0500
Cc: openldap-technical openldap org <openldap-technical@openldap.org>
Content-disposition: inline
In-reply-to: <20950023.246015.1312548937518.JavaMail.www@wwinf8220>
References: <23004540.42808.1312457304742.JavaMail.www@wwinf8210> <20950023.246015.1312548937518.JavaMail.www@wwinf8220>
User-agent: Mutt/1.5.21 (2010-09-15)

Message du 04/08/11 13:28
De : "Michel Gruau"
A : "openldap-technical openldap org"
Copie à :
Objet : ldap.conf search order problem

Hello,


I have a proxy configuration with severall backend directories and one of
them in TLS.

I thus added the following line in ldap.conf in order to let it know the
remote server server CA certificate TLS_CACERT     
/opt/openldap/etc/openldap/cacert.pem

This is working when this line is inserted in $HOME/ldaprc or
$HOME/.ldaprc but never working when inserted in the system-wide ldap
configuration file (/usr/local/etc/openldap/ldap.conf).

Not working neither when inserted in /opt/openldap/etc/openldap/ldap.conf
(my proxy is installed in /opt/openldap).

Is this a bug ? if not, what is the real ldap.conf search order ?


Michel,

You can find the location of the ldap.conf that your installed libraries
are using with strace, or your system's equivalent:

~$ strace ldapsearch 2>&1 | grep ldap\.conf
open("/etc/ldap/ldap.conf", O_RDONLY)   = 3

Make sure the file is readable by your user.

--
Dan White

References:
- ldap.conf search order problem
  - From: Michel Gruau <michel.gruau@laposte.net>
- Re:ldap.conf search order problem
  - From: Michel Gruau <michel.gruau@laposte.net>

Prev by Date: Re:ldap.conf search order problem
Next by Date: The difference between the meta and ldap backends
Index(es):
- Chronological
- Thread