[Date Prev][Date Next] [Chronological] [Thread] [Top]

Forcing use of TLS?

To: openldap-software@OpenLDAP.org
Subject: Forcing use of TLS?
From: Ken Kleiner <ken@cs.uml.edu>
Date: Thu, 30 May 2002 13:30:56 -0400 (EDT)

Hello...

 I have TLS set up with slapd and slapd does not allow anonymous searches, and
instead uses tcp wrappers.

 But - how can I stop somebody from using a ldap tool (like ldapsearch) on
a trusted host and passing a clear text password when they use '-W' to
authenticate with a BIND DN.  Using the '-ZZ' option forces TLS, but
is there a way to tell slapd to not allow ANYTHING unless it comes in with
TLS?

 Thanks....

-- 
<><  ><> <><  ><> <><  ><> <><  ><> <><  ><> <><  

Ken Kleiner
System Manager
Computer Science Department
Umass Lowell

voice : 978 934 3645
fax : 978 934 3551

cell : 603 930 5582 (emergencies only, please)

ken@cs.uml.edu

Prev by Date: newbie - a little confused
Next by Date: Root user stuck in LDAP database
Index(es):
- Chronological
- Thread