New to FDS/LDAP doing a proof of concept and I have FDS 1.0.4 installed with SSL enabled on the DS side, TLS enabled on a FC 6 client. In ldap config I have TLS_REQCERT required. Question is, should ldap traffic generated from the client to the server pass on port 636 or port 389, I am seeing traffic that is supposed to be encrypted passing on the regular ldap port (389). I am seeing what appears to be correct in the access logs during the communication indicating that the traffic is in fact encrypted. [09/Nov/2006:18:50:10 -0600] conn=3 fd=65 slot=65 connection from 151.148.60.67 to 151.148.218.175 [09/Nov/2006:18:50:10 -0600] conn=3 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS" [09/Nov/2006:18:50:10 -0600] conn=3 op=0 RESULT err=0 tag=120 nentries=0 etime=0 [09/Nov/2006:18:50:10 -0600] conn=3 SSL 256-bit AES [09/Nov/2006:18:50:10 -0600] conn=3 op=1 BIND dn="" method=128 version=3 [09/Nov/2006:18:50:10 -0600] conn=3 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="" [09/Nov/2006:18:50:10 -0600] conn=3 op=2 SRCH base="ou=People,dc=example,dc=com" scope=2 filter="(uid=testuser)" attrs=ALL [09/Nov/2006:18:50:10 -0600] conn=3 op=2 RESULT err=0 tag=101 nentries=1 etime=0 [09/Nov/2006:18:50:10 -0600] conn=3 op=3 UNBIND [09/Nov/2006:18:50:10 -0600] conn=3 op=3 fd=65 closed - U1 Thanks, Greg
