On 09/02/2014 06:56 PM, David Barr wrote:
Good Morning!I’m having a bad time finding documentation on how I would set up my 389-ds to only listen to localhost:389, and require all other connections to happen on port 636. The server is headless, so using the console is less than optimum. Has anything like that been written?
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Configuration_Command_and_File_Reference/Core_Server_Configuration_Reference.html#cnconfig-nsslapd_listenhost_Listen_to_IP_Address https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Configuration_Command_and_File_Reference/Core_Server_Configuration_Reference.html#cnconfig-nsslapd_securelistenhost You might also be interested in using ldapi + autobind instead of localhost https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Configuration_Command_and_File_Reference/Core_Server_Configuration_Reference.html#nsslapd-ldapilisten https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Configuration_Command_and_File_Reference/Core_Server_Configuration_Reference.html#nsslapd-ldapiautobinduse starttls instead of ldaps, and use nsslapd-minssf to require secure connections
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Configuration_Command_and_File_Reference/Core_Server_Configuration_Reference.html#nsslapd-minssf
Thanks! David -- David - Offbeat http://dafydd.livejournal.com dafydd - Online http://pgp.mit.edu/ Battalion 4 - Black Rock City Emergency Services Department Integrity*Commitment*Communication*Support ----5----1----5----2----5----3----5----4----5----5----5----6----5----7-- Dr. Viktor Frankenstein enters into a body building competition only to find he has seriously misunderstood the objective. -- 389 users mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/389-users
