Jaap Winius jwinius@umrk.nl writes:
In the course of my research into a solution involving Kerberos, OpenLDAP and OpenAFS (a.k.a. the Magic Trio), I've discovered that both Kerberos and OpenAFS support methods of DNS discovery, but that OpenLDAP apparently does not. Is this correct?
OpenLDAP's command-line tools support service discovery using DNS SRV records. See, for instance, the ldapsearch man page:
-H ldapuri Specify URI(s) referring to the ldap server(s); a list of URI, separated by whitespace or commas is expected; only the protocol/host/port fields are allowed. As an exception, if no host/port is specified, but a DN is, the DN is used to look up the corresponding host(s) using the DNS SRV records, according to RFC 2782.
I'm not sure if this is also available directly in the library or if the client has to implement it.