Ok - this is actually very helpful... So I think I have just one set of remaining questions:

1) In /etc/openldap/ldap.conf, I currently have:

URI ldapi://127.0.0.1/
This says the clients should default to using the ldapi:/// socket. Compare that to the options you are providing to slapd, to see if you think this will work.
2) What command line parameters do I want to run openldap with? Currently mine is running with:

/usr/sbin/slapd -u ldap -h ldap://127.0.0.1:389 ldaps://127.0.0.1:636

It seems I should at least be removing the *:636 part since it will be using STARTTLS, correct?
It's up to you. Some old pieces of software don't support startTLS. Some poorly written modern pieces of software don't support it either.
--Quanah

--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
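The comparison suggested in the reply above (client default URI against the slapd `-h` listeners) can be done mechanically. This is an added example, not part of the original thread or of OpenLDAP; the function names are hypothetical, hosts are compared literally with no name resolution, and an empty listener host is assumed to mean all interfaces.

```python
from urllib.parse import urlsplit, unquote

DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}

def conf_uris(ldap_conf_text):
    """Return the URIs from the last URI line of an ldap.conf body."""
    uris = []
    for line in ldap_conf_text.splitlines():
        fields = line.split()
        if fields and fields[0].upper() == "URI":
            uris = fields[1:]
    return uris

def endpoint(uri):
    """Normalise an LDAP URI to a comparable tuple."""
    u = urlsplit(uri)
    scheme = u.scheme.lower()
    if scheme == "ldapi":
        # Assumption: the host position holds the URL-encoded socket path;
        # an empty value means the build's default socket.
        return (scheme, unquote(u.netloc))
    return (scheme, u.hostname or "", u.port or DEFAULT_PORTS.get(scheme))

def is_served(client_uri, listener_uris):
    """True if some slapd -h listener would accept this client URI."""
    c = endpoint(client_uri)
    for l in map(endpoint, listener_uris):
        if l[0] != c[0]:
            continue  # scheme mismatch, e.g. ldapi client vs ldap listener
        if c[0] == "ldapi":
            if l[1] == c[1]:
                return True
        elif l[2] == c[2] and l[1] in ("", c[1]):
            return True
    return False

def unserved_defaults(ldap_conf_text, slapd_h_value):
    """List client default URIs that no listener in the -h value serves."""
    listeners = slapd_h_value.split()
    return [u for u in conf_uris(ldap_conf_text) if not is_served(u, listeners)]

# Values quoted in the message above.
CONF = "URI ldapi://127.0.0.1/\n"
LISTENERS = "ldap://127.0.0.1:389 ldaps://127.0.0.1:636"

if __name__ == "__main__":
    print(unserved_defaults(CONF, LISTENERS))
```

An empty result means every client default has a matching listener; anything listed needs either a listener added to `-h` or the `URI` line changed.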