Date: Fri, 18 Jul 2003 11:12:40 -0500 From: "Jacques A. Vidrine" <nectar@FreeBSD.org> To: Jean-Baptiste Quenot <jb.quenot@caraldi.com> Cc: Oliver Eikemeier <eikemeier@fillmore-labs.com> Subject: Re: Patch port nss_ldap's Makefile for ldap.conf location Message-ID: <20030718161240.GA68334@madman.celabo.org> In-Reply-To: <20030718160450.GA52232@watt.intra.caraldi.com> References: <20030710110751.GA6966@watt.intra.caraldi.com> <3F0D68D7.50502@fillmore-labs.com> <20030715214112.GF86657@madman.celabo.org> <20030718160450.GA52232@watt.intra.caraldi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jul 18, 2003 at 06:04:50PM +0200, Jean-Baptiste Quenot wrote: > If I understand correctly your point, each LDAP client should have its > own config file? s/should/could/ > OpenLDAP client in > $(LOCALBASE)/etc/openldap/ldap.conf, pam_ldap in > $(LOCALBASE)/etc/pam_ldap.conf and nss_ldap in > $(LOCALBASE)/etc/nss_ldap.conf? > > That makes three files or more in the future to keep in sync when > changing the server URI... I'd prefer only one file, the one from > OpenLDAP. Does it make sense to have a different LDAP server for every > client program? Yes, it does. That's why you'll find most LDAP-using applications have a `LDAP server' configuration knob (among other LDAP knobs). If you want one file, you can symlink/hard link them. But if we don't use different names, there would be no way to separate the system nss_ldap configuration from, say, the default configuration of the OpenLDAP command line tools. > It _could_ make sense to have separate config files if we consider eg > binding anon or root depending on the client program involved, or > setting a specific option. Right. Cheers, -- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030718161240.GA68334>