directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pierre-Arnaud Marcelot>
Subject Re: [ApacheDS] Enablement of LDAPS (SSL) Service in ApacheDS 2.0 configuration
Date Mon, 22 Nov 2010 14:37:12 GMT
Hi Emmanuel,

On 22 nov. 2010, at 15:31, Emmanuel Lecharny wrote:

> On 11/22/10 3:17 PM, Pierre-Arnaud Marcelot wrote:
>> Hi Dev,
>> A quick question, while I'm writing the configuration editor for ApacheDS 2.0 configuration.
>> LDAP and LDAPS servers configuration is shared in the 'ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config'
>> Like other servers (Kerberos, ChangePassword, HTTP, etc.), this entry has a 'ads-enabled'
>> But how do I know which servers (LDAP and/org LDAPS) should be enabled?
>> Should I look at the enablement of the transports to see which ones are enabled?
Should we add a specific 'ads-enable-ldaps' attribute to the LDAP Server configuration?
>> WDYT ?
> IMO, if the SSL transport is present, then LDAPS should be enabled. No need for an extra

I agree with this (transport being present and enabled).

But I propose we make this a consistent behavior all across the servers
In that case, how about removing the 'ads-enable' attribute from the servers entries and look
for the value in the transport ?


View raw message