Rodney Simioni wrote:
/etc/openldap/ldap.conf # this config file is openldap server's ldap config file?
No, it's a LDAP client config. Mostly likely for OpenLDAP ldap* command-line tools but sometimes also for other components.
/etc/ldap.conf # This config file is for ldap's clients?
Sometimes it's used for LDAP clients like pam_ldap, sudo-ldap etc. It also might affect the behaviour of clients implement in a scripting language which uses OpenLDAP client libs through C wrapper modules (like php-ldap, python-ldap, etc.)
The way various software and distributions deal with ldap.conf in several directories is a mess and entirely depends on how the software author / Linux distributor built the client software.
If I want to test test if LDAP is configured with TLS/SSL with this command ldapsearch -d -1 -x -LLL -ZZ, do I need a ldap client config file?
A host parameter is missing (see -H) in the example above. The OpenLDAP command-line tools all have options for specifying all LDAP parameters you might need.
Ciao, Michael.