directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Seelmann <seelm...@apache.org>
Subject Re: [ApacheDS] Enablement of LDAPS (SSL) Service in ApacheDS 2.0 configuration
Date Mon, 22 Nov 2010 15:23:57 GMT
On Mon, Nov 22, 2010 at 3:17 PM, Pierre-Arnaud Marcelot <pa@marcelot.net> wrote:
> Hi Dev,
>
> A quick question, while I'm writing the configuration editor for ApacheDS 2.0 configuration.
>
> LDAP and LDAPS servers configuration is shared in the 'ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config'
entry.
> Like other servers (Kerberos, ChangePassword, HTTP, etc.), this entry has a 'ads-enabled'
attribute.
> But how do I know which servers (LDAP and/org LDAPS) should be enabled?
>
> Should I look at the enablement of the transports to see which ones are enabled? Should
we add a specific 'ads-enable-ldaps' attribute to the LDAP Server configuration?

Just as a side note: I thought there is a 3rd 'enabled' flag. In
ads-directoryServiceId=default,ou=config we have an attribute
  ads-servers: ldapserver
But it seems it isn't used. The ConfigPartitionReader just uses the
ATs defined for the entry's OC to find the composite elements below
ou=servers (quite nice, btw).

So I'd suggest we remove those
  ads-servers
  ads-interceptors
  ads-partitions
attributes from ads-directoryServiceId=default,ou=config entry.

Thoughts?

Kind Regards,
Stefan

Mime
View raw message