On Mar 17, 2009, at 5:37 AM, Alan DeKok wrote:
Likely because the LDAP connections time out, and are closed.
Yes... that little traffic will result in LDAP connection timeouts.
Hrm... Ok, I can accept that. Is there a way to force a keepalive or something?
In our users file, we have the following :
DEFAULT Auth-Type := Reject Fall-Through = 1
Huh? Why?
I *thought* this was required, but apparently not?
Do you really want to accept these users without checking their passwords? That's a *very* bad idea.
I agree. What am I missing? I thought the user passwords were checked by the ldap module via the authentication section. Is that not correct?
The group membership configurations should ensure that it's using the memberOf attribute.
Can you give me an example please? I'm not sure I understand...
Why are you not checking passwords? That's a bad idea...
I thought I was... Do I need more than this? authenticate { Auth-Type LDAP { ldap } }
If you don't use a module, you can delete all references to it. It will make some *minor* difference in performance. But if you're getting a few requests a minute, that difference will be miniscule.
It's more of a "don't use it if you don't need it" philosophy, really.. Cleans up debug output too, when I'm trying to figure out what's going on ..
Alan DeKok.
Thanks for the help! -- Jason 'XenoPhage' Frisvold XenoPhage0@gmail.com http://blog.godshell.com