On Sat Apr 22, 2006 at 09:09:30 +1000, Philip Greggs wrote: >On 4/21/06, Benno <[EMAIL PROTECTED]> wrote: >> On Fri Apr 21, 2006 at 20:24:10 +1000, Philip Greggs wrote: >> >> > >> >> > In Fedora 1, 2, 3, 4, and 5 it is in /etc/openldap/ldap.conf. >> >> > >> >> > My ldap.conf >> >> > #cat /etc/openldap/ldap.conf >> >> > HOST ldap.example.com.ex >> >> > BASE dc=example,dc=com,dc=ex >> >> You may also test a similar setup using Public LDAP Servers in your >> >> 'ldap.conf'. >> >> >> >> For example, you may try this in your ldap.conf >> >> HOST ldap.baylor.edu >> >> BASE o=Baylor University,c=US >> >> >> >> and then do, >> >> >> >> $ldapsearch -x >> >> >> >> Or >> >> HOST directory.monash.edu.au >> >> BASE o=Monash University,c=AU >> >> and then do, >> >> >> >> $ldapsearch -x >> >> >> > >> >Makes sense. >> > >> >One more question. How can individual users without superuser access >> >change the LDAP HOST server and/or BASE filter ? Tried this but no >> >joy: >> > >> >$export HOST="ldap.myserver.com" >> >$ldapsearch -x >> > >> >One moment a user wants to access Baylor U and another time >> >Monash U but SysAdmin is out to lunch. Is this possible ? >> > >> >> From the man page: >> >> -H ldapuri >> Specify URI(s) referring to the ldap server(s). >> >> -h ldaphost >> Specify an alternate host on which the ldap server is >> running. >> Deprecated in favor of -H. >> >> -p ldapport >> Specify an alternate TCP port where the ldap server is >> listen- >> ing. Deprecated in favor of -H. >> > >Thanks Benno. >1. This one works: >$ldapsearch -x -H ldap://ldap.example.com.clug -b example.com.clug >2. Not this one: >$ldapsearch -x -H ldap://ldap.example.com -b example.com > >Jimmy: >1. Created .ldaprc in my $HOME with >HOST ldap.example.com.clug >BASE example.com.clug >and $ldapsearch -x works. > >2. Not when I changed .ldaprc to >HOST ldap.example.com >BASE example.com > >NOTE: I changed my DNS and ldap domain to match >each case. > >So, DNS settings as indicated by O Plameras are important in LDAP. > >Just to clarify since there are some confusions.
Ok, to actually clarify the confusion... (hopefully). DNS is used in ldap at the network layer to determine how to contact the server. DNS is not used by the server, and the base DN is not related to DNS, and you are free to set that to whatever. (Which is what brought this up in the first place.) HTH, Benno -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
