On Mon, Nov 22, 2010 at 6:19 PM, Pierre-Arnaud Marcelot <[email protected]> wrote: > Yeah, the transport must be there, but more importantly, it must be enabled. > > I'm wondering if the lack of certificate in the configuration does not > currently trigger auto-generation of a self-signed certificate in the current > implementation. > > Any idea, guys? it gets generated automatically > > Regards, > Pierre-Arnaud > > On 22 nov. 2010, at 16:49, Hammond, Steven wrote: > >> As long as both the transport and the certificate are available. Just >> having the transport, still cannot do LDAPS without a certificate. Maybe it >> is always there now, but it was not in 1.5.3. >> >> From: Emmanuel Lecharny [mailto:[email protected]] Sent: Monday, November >> 22, 2010 7:55 AM >> >> On 11/22/10 3:37 PM, Pierre-Arnaud Marcelot wrote: >>> Hi Emmanuel, >>> >>> On 22 nov. 2010, at 15:31, Emmanuel Lecharny wrote: >>> >>>>> WDYT ? >>>> IMO, if the SSL transport is present, then LDAPS should be enabled. No >>>> need for an extra flag. >>> I agree with this (transport being present and enabled). >>> >>> But I propose we make this a consistent behavior all across the servers >>> In that case, how about removing the 'ads-enable' attribute from the >>> servers entries and look for the value in the transport ? >> +1, if everybody agree, of course. >> >> >> -- >> Regards, >> Cordialement, >> Emmanuel Lécharny >> www.iktek.com >> > >
-- Kiran Ayyagari
