I'm currently working on patches to allow LDAPS as well and make
sure
that SASL/GSSAPI/GSS-SPNEGO are set up so that it can be used together
with TLS. HTH
Good morning, Is there an expected eta for the patches to be available?
Pending that,
Is it possible to have two "ldap" providers in the same domain with
different ldap settings?
For example, if using ad for auth_provider and ldap for id/access providers
[
domain/example.com]
auth_provider = ldap
auth_provider ldap server
x.example.com
id_provider = ldap
id_provider ldap server
y.example.com
Such that the ad auth provider can now use ldap TLS/SSL to the password
server, but identity can still be managed by another server?
This may seen to be a weird setup, but it allows separation of
roles/responsibilities.
Thanks
Gary
--
Gary Molenkamp Computer Science/Science Technology Services
Systems Administrator University of Western Ontario
molenkam(a)uwo.ca
http://www.csd.uwo.ca
(519) 661-2111 x86882 (519) 661-3566