Date:      Fri, 18 Jul 2003 18:04:50 +0200
From:      Jean-Baptiste Quenot <jb.quenot@caraldi.com>
To:        "Jacques A. Vidrine" <nectar@FreeBSD.org>
Cc:        Oliver Eikemeier <eikemeier@fillmore-labs.com>
Subject:   Re: Patch port nss_ldap's Makefile for ldap.conf location
Message-ID:  <20030718160450.GA52232@watt.intra.caraldi.com>
In-Reply-To: <20030715214112.GF86657@madman.celabo.org>
References:  <20030710110751.GA6966@watt.intra.caraldi.com> <3F0D68D7.50502@fillmore-labs.com> <20030715214112.GF86657@madman.celabo.org>

* Jacques A. Vidrine:

> Now, if I wanted to reference _OpenLDAP's_ configuration file, then
> sure, I'd use ${LOCALBASE}.  But that would be
> ${LOCALBASE}/etc/openldap/ldap.conf.
> 
> Below is the patch that I'm considering committing.  I would appreciate
> feedback --- I don't want to cause a lot of churn.

I'm asking myself if the format of OpenLDAP's client config file is the
same as PADL's one.  For me, nss_ldap and pam_ldap should use the same
config because these apps come from PADL.

If I understand your point correctly, each LDAP client should have its
own config file?  OpenLDAP client in
$(LOCALBASE)/etc/openldap/ldap.conf, pam_ldap in
$(LOCALBASE)/etc/pam_ldap.conf and nss_ldap in
$(LOCALBASE)/etc/nss_ldap.conf?

That makes three files or more in the future to keep in sync when
changing the server URI...  I'd prefer only one file, the one from
OpenLDAP.  Does it make sense to have a different LDAP server for every
client program?

It _could_ make sense to have separate config files if we consider e.g.
binding anon or root depending on the client program involved, or
setting a specific option.

Comments welcome,
-- 
Jean-Baptiste Quenot
http://caraldi.com/jbq/


