Re: overlay chain [RESOLVED]

14 Aug 2008

      ----- "Emmanuel Dreyfus" manu@netbsd.org wrote:
...
So here is the overlay chain configuration that works using x509
certificates for authentication to the LDAP master (binddn is still
both
mandatory and ignored)
overlay                 chain
chain-uri               ldaps://ldapmaster.example.net
chain-idassert-bind     bindmethod=sasl
                        saslmech=EXTERNAL
                        binddn="cn=dontcare"
                        tls_cert=/etc/openssl/certs/ldapslave1.crt
                        tls_key=/etc/openssl/private/ldapslave1.key
                        tls_cacert=/etc/openssl/certs/ca.crt
                        tls_reqcert=demand
                        mode=self
chain-idassert-authzFrom "*"
chain-return-error TRUE
Did you chalk this up on the FAQ?
Thanks.
-- 
Kind Regards,

Gavin Henry.
OpenLDAP Engineering Team.

E ghenry@OpenLDAP.org

Community developed LDAP software.

http://www.openldap.org/project/

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

Re: overlay chain [RESOLVED]