How do internet-facing, multi-domain ldap servers handle TLS?

How do internet-facing, multi-domain ldap servers handle TLS? Do they go multi-port or do they use one TLS certificate that covers all of the domains, or do they get more IP addresses that are all on different domains?

Re: Antw: Re: [Q] amendments to schemes existent

Andrew Findlay wrote: > You could try using the extended search filter syntax: > > (dhcpOption:caseIgnoreSubstringsMatch:=boot*) > > See RFC4515 for more details. In practice you will probably want to create a I tried and failed ... where did I mistake?

Re: Antw: Re: [Q] amendments to schemes existent

Andrew Findlay wrote: > Try this: > (authorizedService:caseIgnoreSubstringsMatch:=m...@hh001.umi) now there is no error message, though the result is still empty alas ... # base

Re: Antw: Re: [Q] amendments to schemes existent

Ulrich Windl wrote: > But you are basically changing the semantics of attribute authorizedService: > Before "*" was literal, after it is magic (substring match). > > The discussion on which variant is more useful is a different issue ;-) for *my* flow, the