ldapi security level?

[Hallvard B Furuseth <h.b.furuseth@usit.uio.no>]

Isn't ldapi:/// secure?  What security commands do I give in slapd.conf?

Command:

  # /ldap/usr/bin/ldapmodify -x -H ldapi:/// -D ... -w ... -f ...
  ldap_bind: Confidentiality required (13)
          additional info: confidentiality required

ldapi file:

  # ls -dgl /ldap/usr/var /ldap/usr/var/ldapi
  drwx------    4 root         4096 Jun 27 18:08 /ldap/usr/var
  srwx------    1 root            0 Jun 27 18:06 /ldap/usr/var/ldapi

slapd.conf contains:

  # Require TLS/SSL for Simple Bind with password and for updates.
  security	simple_bind=128 update_ssf=128
  # Don't accept unprotected passwords, d'ont show passwords.
  access to attr=userPassword by * ssf=128 auth

-- 
Hallvard