On Mon, Nov 22, 2010 at 4:37 PM, Pierre-Arnaud Marcelot <[email protected]> wrote: > Hi Emmanuel, > > On 22 nov. 2010, at 15:31, Emmanuel Lecharny wrote: > >> On 11/22/10 3:17 PM, Pierre-Arnaud Marcelot wrote: >>> Hi Dev, >>> >>> A quick question, while I'm writing the configuration editor for ApacheDS >>> 2.0 configuration. >>> >>> LDAP and LDAPS servers configuration is shared in the >>> 'ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config' >>> entry. >>> Like other servers (Kerberos, ChangePassword, HTTP, etc.), this entry has a >>> 'ads-enabled' attribute. >>> But how do I know which servers (LDAP and/org LDAPS) should be enabled? >>> >>> Should I look at the enablement of the transports to see which ones are >>> enabled? Should we add a specific 'ads-enable-ldaps' attribute to the LDAP >>> Server configuration? >>> >>> WDYT ? >> IMO, if the SSL transport is present, then LDAPS should be enabled. No need >> for an extra flag. > > I agree with this (transport being present and enabled). > > But I propose we make this a consistent behavior all across the servers > In that case, how about removing the 'ads-enable' attribute from the servers > entries and look for the value in the transport ? > this requires an entirely different logic to find out if a server is enabled or not, i.e a server will be treated as enabled only if at least one transport is enabled. If we take care of this in the ServiceBuilder then +1
-- Kiran Ayyagari
