[email protected] (Emmanuel Dreyfus) writes: > Dieter Kluenter <[email protected]> wrote: > >> No, ldapi:/// doesn't present a certificate, but you may establish a >> startTLS session to ldapi:///, in this case the client requests a >> server certificate. > > Let me rephrase: I would like to specify two LDAP servers in ldaprc > - one ldapi:/// with anonymous bind > - one ldaps:// with SASL EXTERNAL for and required server certificate > > It seems to me it is not possible.
This can be achieved by ACL's, man slapd.access(5), access to ... by sockname=... access to .. by tls_ssf=... -Dieter -- Dieter Klünter | Systemberatung sip: +49.40.20932173 http://www.dpunkt.de/buecher/2104.html GPG Key ID:8EF7B6C6
