ClearOS Bug Tracker

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0021751ClearOSapp-openldap-directory - Directory Serverpublic2018-10-09 09:362019-07-24 15:14
Assigned ToNickH 
PlatformOSOS Version
Product Version7.5.0 
Target VersionFixed in Version 
Summary0021751: Allow publish policies to optionally include ldap://
DescriptionFrom time to time we get customer requests to have slapd listen on port 389. If we publish a policy we only allow slapd to listen on ldaps:// (tcp:636). There are two ways round this.
1 - edit /etc/sysconfig/slapd and use a custom policy
2 - edit the unit file /usr/libexec/openldap/

1 has the advantage that it will survive any openldap upgrade and the disadvantage that, if you specify a LAN IP such as ldaps://, [^] then if your LAN IP changes, slapd will refuse to start. It also taked you outside the webconfig as "custom" is not an available option there.
2 had the advantages that it will survive a LAN IP change and does not go outside the webconfig, and the disadvantage that it may get overwritten by an openldap update.

I don't believe it will be too difficult to add a couple more options to the webconfig something like:
    Local Networks (without SSL)
    All Networks (without SSL)

and make the necessary adjustments to /usr/libexec/openldap/
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
NickH (developer)
2018-10-09 10:46

Just clarifying, if you add ldap:// options, if they are selected they should also publish ldaps:// rather than do it instead of.
NickH (developer)
2019-07-24 15:14

Migrated to [^]

- Issue History
Date Modified Username Field Change
2018-10-09 09:36 NickH New Issue
2018-10-09 09:40 user2 Status new => confirmed
2018-10-09 09:41 user2 Product Version 7.5.0 Updates => 7.5.0
2018-10-09 10:46 NickH Note Added: 0008131
2019-07-24 15:14 NickH Note Added: 0012241
2019-07-24 15:14 NickH Status confirmed => closed
2019-07-24 15:14 NickH Assigned To => NickH
2019-07-24 15:14 NickH Resolution open => suspended