Re: understanding ldap

Howard Chu wrote:
> Michael Ströder wrote:
>> Rodney Simioni wrote:
>>> /etc/openldap/ldap.conf  # this config file is openldap server's ldap
>>> config file?
>> No, it's an LDAP client config.  Most likely for OpenLDAP ldap* command-line
>> tools but sometimes also for other components.
>>> /etc/ldap.conf # This config file is for ldap's clients?
>> Sometimes it's used for LDAP clients like pam_ldap, sudo-ldap etc. It also
>> might affect the behaviour of clients implemented in a scripting language which
>> uses OpenLDAP client libs through C wrapper modules (like php-ldap,
>> python-ldap, etc.)
> Not quite. There is no specific config file for OpenLDAP command line tools.
> The /etc/openldap/ldap.conf is a config for libldap, and as such it affects
> everything that uses libldap - command line tools, scripting modules, whatever.

Just to add:
Some applications (e.g. web2ldap) turn off processing ldap.conf by setting env
var LDAPNOINIT=1 to prevent side effects to application configuration.

> [..] and yes it's a mess.

Especially since some software adds other non-OpenLDAP configuration
directives (e.g. sudo-ldap). So even for me it's sometimes hard to sort out
which file/directive affects what...

Ciao, Michael.
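
The libldap lookup discussed in this thread, as an added example that is not part of the original messages: a shell helper that lists, in the order documented in ldap.conf(5), the files libldap would consult for the current environment, and shows the effect of LDAPNOINIT. The function names are hypothetical, and the default system path is taken from the thread; the real path is fixed at build time and differs between distributions.

```shell
#!/bin/sh
# Added example, not from the thread: print the configuration files libldap
# would consult for the current environment, in the order documented in
# ldap.conf(5). Later sources override earlier ones.
# Assumption: the system-wide file is /etc/openldap/ldap.conf as in the
# thread; pass another path as the first argument if your build differs.
SYSCONF_DEFAULT=/etc/openldap/ldap.conf

ldap_conf_sources() {
    sysconf=${1:-$SYSCONF_DEFAULT}
    # libldap skips all files and LDAP* variables when LDAPNOINIT is set.
    if [ -n "${LDAPNOINIT+set}" ]; then
        return 0
    fi
    echo "$sysconf"
    # Per-user files: ldaprc and .ldaprc in $HOME, then ldaprc in the cwd.
    if [ -n "${HOME+set}" ]; then
        echo "$HOME/ldaprc"
        echo "$HOME/.ldaprc"
    fi
    echo "./ldaprc"
    # LDAPCONF names one extra file, absolute or relative to the cwd.
    if [ -n "${LDAPCONF:-}" ]; then
        echo "$LDAPCONF"
    fi
    # LDAPRC is a basename looked up the same way as ldaprc above.
    if [ -n "${LDAPRC:-}" ]; then
        if [ -n "${HOME+set}" ]; then
            echo "$HOME/$LDAPRC"
            echo "$HOME/.$LDAPRC"
        fi
        echo "./$LDAPRC"
    fi
}

# Report which candidates are readable, then any LDAP<OPTION> variables
# that libldap would apply on top of the files.
ldap_conf_report() {
    ldap_conf_sources "$@" | while IFS= read -r f; do
        if [ -r "$f" ]; then echo "present  $f"; else echo "absent   $f"; fi
    done
    if [ -n "${LDAPNOINIT+set}" ]; then
        echo "LDAPNOINIT is set: ldap.conf, ldaprc and LDAP* variables are ignored"
    else
        env | grep -E '^LDAP[A-Z0-9_]+=' | grep -vE '^LDAP(CONF|RC)=' || true
    fi
}

ldap_conf_report "$@"
```

Running it under the same account and environment as a daemon or web application shows which of these files can change that application's LDAP behaviour.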

