directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pierre-Arnaud Marcelot ...@marcelot.net>
Subject Re: [ApacheDS] Enablement of LDAPS (SSL) Service in ApacheDS 2.0 configuration
Date Mon, 22 Nov 2010 16:13:16 GMT

On 22 nov. 2010, at 16:23, Stefan Seelmann wrote:

> On Mon, Nov 22, 2010 at 3:17 PM, Pierre-Arnaud Marcelot <pa@marcelot.net> wrote:
>> Hi Dev,
>> 
>> A quick question, while I'm writing the configuration editor for ApacheDS 2.0 configuration.
>> 
>> LDAP and LDAPS servers configuration is shared in the 'ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config'
entry.
>> Like other servers (Kerberos, ChangePassword, HTTP, etc.), this entry has a 'ads-enabled'
attribute.
>> But how do I know which servers (LDAP and/org LDAPS) should be enabled?
>> 
>> Should I look at the enablement of the transports to see which ones are enabled?
Should we add a specific 'ads-enable-ldaps' attribute to the LDAP Server configuration?
> 
> Just as a side note: I thought there is a 3rd 'enabled' flag. In
> ads-directoryServiceId=default,ou=config we have an attribute
>  ads-servers: ldapserver
> But it seems it isn't used. The ConfigPartitionReader just uses the
> ATs defined for the entry's OC to find the composite elements below
> ou=servers (quite nice, btw).
> 
> So I'd suggest we remove those
>  ads-servers
>  ads-interceptors
>  ads-partitions
> attributes from ads-directoryServiceId=default,ou=config entry.
> 
> Thoughts?

+1, sounds like a good idea.

Regards,
Pierre-Arnaud


Mime
View raw message