[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ssf=0 disallowd in ACLs



At 12:42 PM 9/13/2004, Richard L. Goerwitz III wrote:
>Kurt D. Zeilenga wrote:
>
>>>I'm sorry if I'm misunderstanding the behavior I'm seeing, but let me
>>>try to be brief, and helpful here in describing the issue I'm seeing:
>>>
>>>In ACLs (OpenLDAP 2.2.15, 2.2.16 are what I tested), ssf=0 triggers
>>>the following error:
>>>
>>>/etc/openldap/slapd.conf: line 122: invalid ssf value (0)
>>This is intended behavior.  If one doesn't want to require
>>any protective services, one simply shouldn't specify an SSF
>>value.
>
>Under normal circumstances I might supply defaults as follows:
>
>  security update_ssf=128 simple_bind=63

Seems to me that you are confused as to the proper usage of
these and other slapd.conf(5) directives (as the above
doesn't supply "defaults" of any sort).  Questions regarding
usage are more appropriately directed to the OpenLDAP-software
mailing list.

Kurt