From: Howard Chu <hyc@openldap.org>
Date: Sun, 19 Oct 2003 22:45:00 +0000 (+0000)
Subject: Add note about not using ldapdb with slapd.
X-Git-Tag: OPENLDAP_REL_ENG_2_1_MP~534
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=0251ed17496786ac2808efcce8609a79cb90cfa4;p=openldap

Add note about not using ldapdb with slapd.
---

diff --git a/contrib/ldapsasl/README b/contrib/ldapsasl/README
index bdc5ba3955..b2d50fcd06 100644
--- a/contrib/ldapsasl/README
+++ b/contrib/ldapsasl/README
@@ -48,6 +48,17 @@ a client TLS certificate to be configured, so that SASL/EXTERNAL may
 be used between the SASL server and the LDAP server. This is the most
 optimal way to use this plugin when the servers are on separate machines.
 
+Note: this plugin is not for use with slapd itself. When OpenLDAP is
+built with SASL support, slapd uses its own internal auxprop module.
+By default, without configuring anything else, slapd will fail to load
+the ldapdb module when it's present. This is as it should be. If you
+don't like the "auxpropfunc: error -7" message that is sent to syslog
+by slapd, you can stop it by creating /usr/lib/sasl2/slapd.conf with:
+
+	auxprop_plugin: slapd
+
+which will force the SASL library to ignore all other auxprop modules.
+
 This plugin has been in use for over a year at many sites with good
 results. If you have questions or problems, please send feedback via
 the openldap-software mailing list.