Replies: 2 comments
-
|
How is netatalk currently authenticating to an LDAP server... http? I looked at the netatalk code and could only conclude that we don't do any authentication handling on our end. Rather, I anticipate this is done through the LDAP library API, i.e. when calling In fact, as I researched this I found #11 where the LDAP API init call was modernized to support more protocols, but then reverted again because it broke compatibility with Solaris. It's been 9 years since that event, and Solaris has seen a handful of updates. I say we revisit this decision. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks, rdmark. I looked at the reverted patch. It seems to do exactly what I proposed: connect to the LDAP server via an ldap uri (in afp.conf, thereby specifying the protocol) instead of the IP address. A reconsideration would be desirable. |
Beta Was this translation helpful? Give feedback.
-
As the title suggests, a very useful addition would be the ability to authenticate to an LDAP server and look up a configured domain via the TLS or ldapi (unix domain socket) protocols. For security reasons I would prefer to start my openLDAP server only accepting connections via TLS. The ldapi protocol would then be useful for situations where the ldap server and the netatalk server run on the same machine.
Beta Was this translation helpful? Give feedback.
All reactions