[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Require use of SSL..



You may want to check out the SSF keyword for access statements in
slapd.conf
do a man slapd.access and read up on ssf, transport_ssf, tls_ssf, and
sasl_ssf
These are used in the "by" clauses in an access directive.
It doesn't really explain what are valid numbers.. but the admin guide
touches on it some..  As does man slapd.conf.. 
Basically try 64 or 128 and see what happens.. Someone really should
write better documentation for this value..

On Mon, 2004-03-08 at 00:01, adp wrote:
> I have been studying 'require' for slapd, but it doesn't appear to do what I
> want. Hopefully someone can help here. I want to force all connections to be
> over SSL. Is there an easy way to do this? I know that OpenLDAP supports
> both ldaps (just ldap over SSL on port 636 from what I can see) and StartTLS
> (port 389). What I can't see is how to enforce the use of StartTLS. Also, is
> there any reason why this would be a bad idea? We are using LDAP mostly to
> auth user logins (not yet actually).
> 
> 
-- 
Edward Rudd <eddie@omegaware.com>
Website http://outoforder.cc/