On Fri, Jan 03, 2025 at 08:55:32AM +0000, Windl, Ulrich wrote:
>> Can you give better background on what you want to do? Generally it's
>> *not*
>> recommended to use the ldap* tools inside of scripts, for example.  I
>> usually use python-ldap as an alternative in that case.
> 
> If the tools are not fit to be used in scripts, those tools should be fixed 
> IMHO.
> The philosophy of UNIX was that any command can be used in a script...

In the context of this discussion:
- one shouldn't rely on system config files in scripts
- -o tls_something=value settings exist, Eric even mentions them
  yet they do not want to use them, same with LDAPTLS_* environment
  variables
- $CWD/ldaprc is available and these options we are discussing are
  honoured if set there

As for use in scripts, a lot of them tend to use the ldap* tools the way
they would use "ls", and that's definitely not recommended. Anything
from quoting issues to localisation can and will eventually break such
scripts.

Regards,

-- 
Ondřej Kuzník
Senior Software Engineer
Symas Corporation                       http://www.symas.com
Packaged, certified, and supported LDAP solutions powered by OpenLDAP

Reply via email to