Hi,

In <3a94cf510705011743g3d71b501sfffc66183e519445 / mail.gmail.com>
  "Re: ActiveLdap questions" on Wed, 2 May 2007 09:43:47 +0900,
  "Francis Cianfrocca" <garbagecat10 / gmail.com> wrote:

> On 5/1/07, Kouhei Sutou <kou / cozmixng.org> wrote:
> >
> >
> > But Net::LDAP doesn't support START_TLS.
> 
> 
> Net::LDAP does support TLS connections (typically over port 636). It doesn't
> currently support the STARTTLS verb, but this is planned.

Yes. I know. And I already submitted a patch for supporting
START_TLS 6 months ago:
  http://rubyforge.org/tracker/index.php?func=detail&aid=6345&group_id=143&atid=633

> That's really quite a good point. Early on in the development of Net::LDAP,
> I thought quite hard about how to make a far-simplified interface to
> directory functionality. Some of LDAP's weirdness can be wrapped up, but
> some of it is quite hard to do away with. In particular, I tried to solve
> the problem of writing LDAP filters by using a search-oriented interface.
> But everyone who works with LDAP seems to be quite invested in standard
> filters, especially Microsoft, so it seemed like a low-value effort.
> 
> Does ActiveLDAP solve this problem by reading the root DSE records and
> guessing about things like the treebase, the supported authentication models
> and the schema? Or does it require configuration entries to be made
> somewhere in the user application?

I'm sorry. I don't understand what is the problem but
ActiveLdap uses root DSE to get schema information and
construct accessores dynamically. ActiveLdap doesn't require
any configurations for that.


Thanks,
--
kou