From 0251ed17496786ac2808efcce8609a79cb90cfa4 Mon Sep 17 00:00:00 2001 From: Howard Chu Date: Sun, 19 Oct 2003 22:45:00 +0000 Subject: [PATCH] Add note about not using ldapdb with slapd. --- contrib/ldapsasl/README | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/contrib/ldapsasl/README b/contrib/ldapsasl/README index bdc5ba3955..b2d50fcd06 100644 --- a/contrib/ldapsasl/README +++ b/contrib/ldapsasl/README @@ -48,6 +48,17 @@ a client TLS certificate to be configured, so that SASL/EXTERNAL may be used between the SASL server and the LDAP server. This is the most optimal way to use this plugin when the servers are on separate machines. +Note: this plugin is not for use with slapd itself. When OpenLDAP is +built with SASL support, slapd uses its own internal auxprop module. +By default, without configuring anything else, slapd will fail to load +the ldapdb module when it's present. This is as it should be. If you +don't like the "auxpropfunc: error -7" message that is sent to syslog +by slapd, you can stop it by creating /usr/lib/sasl2/slapd.conf with: + + auxprop_plugin: slapd + +which will force the SASL library to ignore all other auxprop modules. + This plugin has been in use for over a year at many sites with good results. If you have questions or problems, please send feedback via the openldap-software mailing list. -- 2.39.5