I have been tweaking my ACIs on my directory server, and I more or less feel good about its security posture except for one thing, it is still allowing unencrypted authentication. My clients are configured to use TLS for authentication which is good, but if I turn off TLS on the client, it still can authenticate which is bad. Assuming everything is configured properly on the client, this works, but I would feel better if my LDAP wouldn't even let a client bind if it is not using TLS. Can I do this through an ACI or some other setting on the server? Sam Adams General Dynamics - Information Technology Phone: 210.536.5945 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20060817/ee15926f/attachment.html
