Hi All,

I wanted to enable secure LDAP connection on freeIPA but alas after changing 

nsslapd-minssf from 0 to 128 i am getting  below error:

ipactl restart

Failed to read data from Directory Service: Unknown error when retrieving list 
of services from LDAP: Server is unwilling to perform: Minimum SSF not met.

Shutting down

When trying to put back the original nsslapd-minssf to "0" i am getting below 

modifying entry "cn=config"

ldap_modify: Server is unwilling to perform (53)

additional info: Minimum SSF not met.

I tried below configuration but still getting unwilling to perform (53) Minimum 
SSF not met Error.

dn: cn=config

changetype: modify

replace: nsslapd-minssf

nsslapd-minssf: 10


replace: nsslapd-allow-anonymous-access

nsslapd-allow-anonymous-access: on


replace: nsslapd-minssf-exclude-rootdse

nsslapd-minssf-exclude-rootdse: off

I am following the steps mentioned here: 

Chapter 14. Configuring Secure Connections - Red Hat 
By default, clients and users connect to the Red Hat Directory Server over a 
standard connection. Standard connections do not use any encryption, so 
information is ...

How can i get  LDAPS working on my FreeIPA?

Many Thanks,

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to