Pierangelo Masarati wrote:
Like I said before, to really fix
this requires making back-ldap work with multiple URLs (and
slap_bindconf's). That would also address the FIXME re: using the
correct idassert-authcDN.
Agree. Let's move the URL into the slap_bindconf, it's going to be
beneficial in many places.
TLS parameters belong in here too. I.e., you may need to specify a
different CA / cert / key for each association. The whole TLS option
framework in libldap needs some cleaning up though. I'll try to get to
it soon.
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/