[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ssf settings on server restart

To: Aaron Richton <richton@nbcs.rutgers.edu>
Subject: Re: ssf settings on server restart
From: Christian Bösch <boesch@fhv.at>
Date: Wed, 1 Dec 2010 15:23:29 +0100
Cc: openldap-technical@openldap.org
In-reply-to: <alpine.SOC.2.00.1012010917430.8222@toolbox.rutgers.edu>
References: <C1026E5D-5897-4FE7-8E1A-E40AB324B47A@fhv.at> <alpine.SOC.2.00.1011300838190.8222@toolbox.rutgers.edu> <BB9CFEA8-3453-4324-A03E-B8FF31C51383@fhv.at> <alpine.SOC.2.00.1012010846120.8222@toolbox.rutgers.edu> <B7AB1071-CCC7-41D4-A161-8DC8FA5DF8A8@fhv.at> <alpine.SOC.2.00.1012010917430.8222@toolbox.rutgers.edu>

On Dec 1, 2010, at 15:19 , Aaron Richton wrote:

> On Wed, 1 Dec 2010, Christian Bösch wrote:
> 
>>> * start slapd and check with ldapsearch that that ssf= value actually is
>>> present in cn=config
>>> 
>> as i expect: olcSecurity: ssf=0 tls=0 simple_bind=0 update_ssf=0
>> 
>>> * verify that you're getting behavior that matches what cn=config says
>> 
>> now i'm getting Confidentiality required (13) for all binds, also for the
>> excluded ips in the ACL
>> that is not as it should be.
> 
> No, doesn't sound like it is. Are you verifying this with a current 
> version (2.4.23 or RE24/HEAD CVS)? If so, this is probably worthy of an 
> ITS (http://www.openldap.org/its/).

i compiled it from freebsd ports. version 2.4.21.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

References:
- Re: ssf settings on server restart
  - From: Aaron Richton <richton@nbcs.rutgers.edu>
- Re: ssf settings on server restart
  - From: Christian Bösch <boesch@fhv.at>
- Re: ssf settings on server restart
  - From: Aaron Richton <richton@nbcs.rutgers.edu>

Prev by Date: Re: ssf settings on server restart
Next by Date: Re: Want interesting restrictions to ldap auth on different servers to different users
Index(es):
- Chronological
- Thread