[rhelv6-list] Problem with ldap

Nalin Dahyabhai nalin at redhat.com
Fri Dec 3 22:07:43 UTC 2010


On Fri, Dec 03, 2010 at 01:51:35PM -0800, Collins, Kevin [BEELINE] wrote:
> Related to this issue, do I still need /etc/ldap.conf or has
> /etc/pam_ldap.conf basically repalced that?

The short answer is that you should just need /etc/pam_ldap.conf for
pam_ldap and /etc/nslcd.conf for nslcd (or /etc/sssd/sssd.conf for
sssd).

The /etc/openldap/ldap.conf file should still be used by the OpenLDAP
libraries and command-line tools, though tools like pam_ldap and nslcd
that provide their own configuration files will override any defaults
that come from from /etc/openldap/ldap.conf with values from their own
configurations, if they pick up defaults from it at all.

The /etc/ldap.conf file _shouldn't_ be needed, but you may find places
where someone thought that pulling some of the settings from it (host,
base, uri, some TLS settings) while ignoring others (some TLS settings,
connection timeouts, schema mapping) would work well enough.  Mileage
varies in those cases.

HTH,

Nalin




More information about the rhelv6-list mailing list