Hi Pierangelo ,

I hope you don't mind the direct mail...

Yes, I do. My employer also does, since I'm using their IT resources to answer private mails about what they usually ask me to do for business, and you're not one of their customers.

I just don't want to make public the names bing used.

Since you sent them by unencrypted email, they're already public. Moreover, I don't see anything really confidential in what you sent. And, I don't feel bound to any confidentiality, since we didn't sign any NDA. However, I'm removing anything you considered sensitive from this response, by now.

I am using openldap-2.3.35.

Good. Not the latest, but the proxy backends should be safe.

However, you need to understand that there is a trivial error in your configuration. If you enable config log level, slapd (or slaptest) will tell you where the error is. It is not clear what you want to do.

Asking why a configuration is not correct is usually the wrong question, because it only leaves room for partial answers, like "fix syntax errors" (which are usually already answered by man pages, FAQs & co., BTW). If you explain what you want to obtain, perhaps someone can tell you how to obtain it. Perhaps, from the multiple answers you might get, you can learn how things work, and how to make them work best.

p.

Ing. Pierangelo Masarati OpenLDAP Core Team

SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------