> >> >> It works when I use literally >> >> slapd -h ldapi://%2Ftest%2Ffoobar > > I invigilate the behaviour using various combinations of "%2F" and "/".
%2F for '/' is not black magic: it's just URL encoding of chars that have a special meaning in URLs. '/' is the separator between the "host" and the "DN" part, so any '/' in the host part (the socket's path name) need to be escaped. > just two more questions > > 1) is it possible to change socket permissions and/or active > listeners existence via cn=config? No. > 2) What build option enables x-mod= experimental feature ? Don't use it: it's not portable. The right way to use filesystem permission on ldapi consists in protecting access to the directory where the socket is created. p.
