Howard Chu wrote:
Michael Ströder wrote:
Rodney Simioni wrote:
/etc/openldap/ldap.conf # this config file is openldap server's ldap config file?
No, it's a LDAP client config. Mostly likely for OpenLDAP ldap* command-line tools but sometimes also for other components.
/etc/ldap.conf # This config file is for ldap's clients?
Sometimes it's used for LDAP clients like pam_ldap, sudo-ldap etc. It also might affect the behaviour of clients implement in a scripting language which uses OpenLDAP client libs through C wrapper modules (like php-ldap, python-ldap, etc.)
Not quite. There is no specific config file for OpenLDAP command line tools. The /etc/openldap/ldap.conf is a config for libldap, and as such it affects everything that uses libldap - command line tools, scripting modules, whatever.
Just to add: Some applications (e.g. web2ldap) turn off processing ldap.conf by setting env var LDAPNOINIT=1 to prevent side effects to application configuration.
[..] and yes it's a mess.
Especially since some software adds other configuration non-OpenLDAP directives (e.g. sudo-ldap). So even for me it's sometimes hard to sort out which file/directive affects what...
Ciao, Michael.