[389-users] Re: Force use of secure connections

Tue, 10 Mar 2020 13:20:34 -0700 

I don't know if this will be of any help to you but here are the instructions
for RHDS 9.

https://access.redhat.com/documentation/en-us/red_hat_directory_server/9.0/html/administration_guide/secureconnections#requiring-secure-connections
[https://access.redhat.com/webassets/avalon/g/shadowman-200.png]<https://access.redhat.com/documentation/en-us/red_hat_directory_server/9.0/html/administration_guide/secureconnections#requiring-secure-connections>
Chapter 7. Configuring Secure Connections Red Hat Directory Server 9.0 | Red 
Hat Customer 
Portal<https://access.redhat.com/documentation/en-us/red_hat_directory_server/9.0/html/administration_guide/secureconnections#requiring-secure-connections>
Alternatively, use the nsslapd-minssf-exclude-rootdse configuration attribute. 
This sets a minimum SSF setting for all connections to the Directory Server 
except for queries against the root DSE. A client may need to obtain 
information about the server configuration, like its default naming context, 
before initiating an operation.
access.redhat.com



--
Patrick Landry
Director, University Computing Support Services
University of Louisiana at Lafayette
P.O. Box 43621
Lafayette, LA 70504
(337) 482-6402
patrick.lan...@louisiana.edu
–––––––––––––––––––––––––
Université des Acadiens

________________________________
From: Matthew Aguirre <matt.agui...@einstein-tech.com>
Sent: Tuesday, March 10, 2020 3:00 PM
To: 389-users@lists.fedoraproject.org <389-users@lists.fedoraproject.org>
Subject: [389-users] Force use of secure connections

Is there a way to disable unsecured use of port 389?  I am using FreeIPA, so 
the client setup uses port 389 with TLS and that is fine, but I'd like to be 
able to not allow unsecured connections as much as possible.

I was able to do this in OpenLdap, but haven't seen a comparable solution in 
ds-389.
--
Matt

_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org

Reply via email to