Hi, I'm trying to set up Fedora DS to be accessible only with SSL. My DS is on a standalone remote server, with most ports firewalled. If I open ports 389 and 636, I can run ldapsearch ok using SSL (the access log shows 'SSL connection.. using 256-bit AES') but I can also choose not to use SSL and still make queries. If I close port 389, I can't connect to the server with or without SSL - I just get 'ldap_start_tls: Can't contact LDAP server (-1)'. This is even if I explicitly specify port 636, not just relying on the '-Z' flag for ldapsearch. Is it possible to close down non-SSL access? (I am not using the admin server, so this needs to be through manual configuration) Thanks for any advice Graham
