Thu, 2002-09-05 at 06:27, Christine Robertson wrote:

> We are using OpenLDAP 2.0.23 on FreeBSD 4.6, using TLS/SSL
> but not SASL. Recently I realised that when I used
> ldapsearch -H ldaps://ldap.au.cordoors.com ....
> the results of my inquiry were returned encrypted from
> port 636, which is kind of what I expected, AND in
> clear text from port 389.

> This only seems to be happening from one of our client machines;
> the others are getting queries returned only via port 636.

> Can anyone suggest what bit of my configuration I should
> go looking in to find out why this is happening? As far as I
> know, our configurations are very similar everywhere, except
> for which directories are masters and which are slaves.

I've only ever run 2.1 seriously, never 2.0, but this is what I've gleaned from the guide and "man slapd" - and implement myself:

If you tell slapd to run ldaps explicitly in your startup script, it will default to port 636, *unless* you have another ldaps port defined in /etc/services. Then it will use that port. This would normally be 636 (is in mine, for example), but it could be any free port, where both TCP and UDP are specified.

I repeat that this is for 2.1(.4), but 2.0 could default to 389. However, the startup script can force it to start up on any port by specifying an IP number or an FQDN followed by a colon and the port number.

Best,

Tony

--
Tony Earnshaw

The usefulness of RTFM is vastly overrated.

e-post: tonni@billy.demon.nl
www: http://www.billy.demon.nl
gpg public key: http://www.billy.demon.nl/tonni.armor

Telefoon: (+31) (0)172 530428
Mobiel: (+31) (0)6 51153356

GPG Fingerprint = 3924 6BF8 A755 DE1A 4AD6 FA2B F7D7 6051 3BE7 B981
3BE7B981
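An added example, not part of the message above and not OpenLDAP's own code: a shell check that takes the URL list a startup script passes to `slapd -h` and reports, per listener, the effective port and whether it accepts cleartext binds. The function names and sample URL lists are constructed; the fallback to `ldap:///` when no list is given follows the slapd(8) man page of current releases and is an assumption for 2.0.

```shell
#!/bin/sh
# Classify each listener URL from a "slapd -h" argument.
# Scheme defaults: ldap:// -> 389 (cleartext unless the client uses StartTLS),
# ldaps:// -> 636 (TLS from connect), ldapi:// -> local Unix socket.

audit_listeners() (
    set -f                        # URLs may contain [ ] (IPv6); no globbing
    list=${1:-ldap:///}           # assumed default when -h is not given
    for url in $list; do
        scheme=${url%%://*}
        rest=${url#*://}
        rest=${rest%%/*}          # drop anything after host[:port]
        case $scheme in
            ldap)  defport=389; kind=cleartext ;;
            ldaps) defport=636; kind=tls ;;
            ldapi) echo "ldapi - - local-socket"; continue ;;
            *)     echo "$scheme - - unknown-scheme"; continue ;;
        esac
        case $rest in
            *']') host=$rest;      port=$defport ;;   # bare [IPv6] literal
            *:*)  host=${rest%:*}; port=${rest##*:} ;; # explicit host:port
            *)    host=$rest;      port=$defport ;;
        esac
        [ -n "$host" ] || host='*'                     # empty host = all interfaces
        echo "$scheme $host $port $kind"
    done
)

# Number of listeners that will answer without TLS from connect.
cleartext_count() {
    audit_listeners "$1" | grep -c ' cleartext$' || true
}

# Constructed sample: a startup script that enables both schemes.
audit_listeners "ldap:/// ldaps:///"
```

A non-zero `cleartext_count` for the list in your startup script means port 389 (or whatever port that URL names) is open alongside ldaps, which matches the mixed behaviour described in the question.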