[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ssf settings on server restart



On Wed, 1 Dec 2010, Christian Bösch wrote:

* start slapd and check with ldapsearch that that ssf= value actually is
present in cn=config

as i expect: olcSecurity: ssf=0 tls=0 simple_bind=0 update_ssf=0

* verify that you're getting behavior that matches what cn=config says

now i'm getting Confidentiality required (13) for all binds, also for the
excluded ips in the ACL
that is not as it should be.

No, doesn't sound like it is. Are you verifying this with a current version (2.4.23 or RE24/HEAD CVS)? If so, this is probably worthy of an ITS (http://www.openldap.org/its/).