---------- Forwarded message ----------
From: John gray <gnulinux9 at googlemail.com>
Date: Oct 22, 2007 5:16 PM
Subject: mandated TLS connections
To: fedora-directory-users at redhat.com
Hi all,
I migrated from openldap to redhat directory server.
In openldap I mandated TLS connections
ie:
[root at bjoshi ~]# ldapsearch -x -h 10.1.1.8 uid=bjoshi
ldap_bind: Confidentiality required (13)
additional info: TLS confidentiality required
[root at bjoshi ~]# ldapsearch -x -LL -ZZ -h 10.1.1.8 uid=bjoshi mail
version: 1
dn: uid=bjoshi,ou=people,dc=example,dc=com
mail: bjoshi at example.com
Below ioption in /etc/openldap/slapd.conf for enforcing.
security ssf=128 update_ssf=128 simple_bind=128 update_tls=128 tls=128
On the rhds machines tls works, but it also allows plain text searches.
Can anyone suggest configuration in rhds to force tls search only
Also note, follow the below documentation
http://directory.fedoraproject<http://directory.fedoraproject.org/wiki/Howto:SSL#Configure_LDAP_clients>
.org/wiki/Howto:SSL#Configure_LDAP_clients
<http://directory.fedoraproject.org/wiki/Howto:SSL#Configure_LDAP_clients>
and enabling
nsServerSecurity: on
does not solve the problem.
Only SSL is not option
Regards,
Bhargav
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20071022/8b7e42e5/attachment.html
