ldapi:// with path
Michael Ströder
michael at stroeder.com
Tue Jun 30 23:19:28 CEST 2015
Arran Cudbard-Bell wrote:
>
>> On Jun 30, 2015, at 4:54 PM, Michael Ströder <michael at stroeder.com> wrote:
>>
>> Arran Cudbard-Bell wrote:
>>> If the user specifies:
>>>
>>> server = 'ldap://example.org'
>>> port = 1300
>>>
>>> They would (and did) wonder why the server was still attempting to connect on port 389.
>>
>> Hmm, I'm inclined to just spit out an error message in this case clearly
>> recommending to add the port number to the LDAP URL.
>
> Which we can't do in v3.0.x because it would break people's configurations.
It's quite a simple change which you could announce clearly.
> What are your arguments for URL support when specifying servers?
First of all:
It's required to work for LDAPI (which I use a lot together with SASL/EXTERNAL).
LDAP URLs also have everything in one parameter.
Example:
ldaps://ldap.example.com:9999 tells you to talk TLS before LDAP to host
ldap.example.com and port 9999 all in one line.
In web2ldap I even use LDAP URL extensions so you can construct a bookmark for
specifying to use StartTLS extended operation.
Ciao, Michael.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4272 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150630/f714928a/attachment.bin>
More information about the Freeradius-Users
mailing list