you could set minssf:
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html/Administration_Guide/SecureConnections.html#requiring-secure-connections

On 11/18/2015 07:24 AM, Prashant Bapat wrote:
Hi,

We have a pair of freeipa servers (4.1.4) and a bunch of Linux clients configured to talk to them thru pam-nss-ldapd (no sssd). I want to ensure that these clients only talk to freeipa's LDAP server either via ldaps or ldap+starttls. Plain ldap should not be allowed.

I can always switch to ldaps only and close the tcp/389 port on the firewall. But is there a way to achieve this using tcp/389 port.?

Any suggestions appreciated.

Thanks.
--Prashant



-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to