I've been doing some searching on this to no avail, so I have a question regarding these two posts:

http://www.openldap.org/lists/openldap-software/200603/msg00037.html http://www.openldap.org/lists/openldap-software/200603/msg00039.html

As an administrator, I have difficulty understanding why I am unable to be as specific as possible in ldap.conf in defining how my clients are to access my directory. In the second link above, I can understand the reasoning behind generally having SASL_MECH be user-only, but in my case I would appreciate the ability to throw some sort of overriding directive in ldap.conf to allow the user-only options in ldap.conf.

While I could just as easily modify libraries/libldap/init.c to suit my needs or otherwise work around this, I was thinking that this might be of some use to other LDAP admins.