On Fri, 30 Sep 2005, Wolfe, Allan wrote: > (1) How does one utilize ldaps. All the notes I've seen has been > insecure transport. We can't justify GSSAPI and TLS simple fits our > needs.
I'm following this thread with interest because I want to dump NIS and switch all the tables to LDAP, specifically autofs maps. I'm just starting out here, but it looks to me like you specify in /etc/ldap.conf "URI ldaps:/server.example.com" (assuming the name can be resolved by DNS without using a host map in LDAP :-), or use a numeric IP address. This would use TLS for every LDAP lookup, which is overkill. It wasn't immediately obvious how to use one URI (no TLS) for one set of maps and the TLS URI for others where it makes a difference. I'm sure I'll be able to figure it out. In my environment, encryption is not useful for the autofs maps. James F. Carter Voice 310 825 2897 FAX 310 206 6673 UCLA-Mathnet; 6115 MSA; 405 Hilgard Ave.; Los Angeles, CA, USA 90095-1555 Email: [EMAIL PROTECTED] http://www.math.ucla.edu/~jimc (q.v. for PGP key) _______________________________________________ autofs mailing list [email protected] http://linux.kernel.org/mailman/listinfo/autofs
