author | Guilhem Moulin <guilhem@fripost.org> | 2014-07-07 16:37:20 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2015-06-07 02:52:38 +0200 |
commit | ddf4de6593756993f859c020bc6db046ca869846 (patch) | |
tree | 722378f05e125de523d1dd9c4eb178699323a725 | |
parent | 889def3fa23e168515b7467b7711bbacae08d0da (diff) |
Add note how to test SASL EXTERNAL authentication via TLS.
-rw-r--r-- | roles/common-LDAP/templates/etc/ldap/database.ldif.j2 | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/roles/common-LDAP/templates/etc/ldap/database.ldif.j2 b/roles/common-LDAP/templates/etc/ldap/database.ldif.j2
index cba0eb0..308bece 100644
--- a/roles/common-LDAP/templates/etc/ldap/database.ldif.j2
+++ b/roles/common-LDAP/templates/etc/ldap/database.ldif.j2
@@ -132,6 +132,9 @@ olcLimits: dn.exact="cn=lists,ou=replicates,o=mailHosting,dc=fripost,dc=org"
 {% endif %}
 {% endif %}
 {% if 'MX' in group_names and 'LDAP-provider' not in group_names %}
+# Test it:
+# LDAPSASL_MECH=external LDAPTLS_CACERT=/etc/ldap/ssl/ldap.fripost.org.pem LDAPTLS_CERT=/etc/ldap/ssl/mx.pem LDAPTLS_KEY=/etc/ldap/ssl/mx.key sudo -u openldap ldapwhoami -H ldaps://ldap.fripost.org/
+# LDAPSASL_MECH=external LDAPTLS_CACERT=/etc/ldap/ssl/ldap.fripost.org.pem LDAPTLS_CERT=/etc/ldap/ssl/mx.pem LDAPTLS_KEY=/etc/ldap/ssl/mx.key sudo -u openldap ldapsearch -H ldaps://ldap.fripost.org/ -b ou=virtual,o=mailHosting,dc=fripost,dc=org
 olcSyncrepl: rid=000 provider=ldaps://ldap.fripost.org type=refreshAndPersist |
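Review bot: Both added test commands set the `LDAPSASL_MECH`/`LDAPTLS_*` variables in front of `sudo`, so under sudo's default `env_reset` policy they would likely be stripped before `ldapwhoami`/`ldapsearch` runs. The client would then present no certificate, and the test could fail for a reason unrelated to the TLS or SASL EXTERNAL setup. Passing the assignments through sudo avoids depending on the local sudoers `env_keep` list, e.g. `# sudo -u openldap env LDAPSASL_MECH=external LDAPTLS_CACERT=… LDAPTLS_CERT=… LDAPTLS_KEY=… ldapwhoami -H ldaps://ldap.fripost.org/`. It would also help to add a comment line stating the identity `ldapwhoami` should print on success, so a fallback to an anonymous bind is recognisable. The enclosing `{% if 'MX' in group_names … %}` block and the `olcSyncrepl` value continue past the end of the hunk.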