Hi All,

I wanted to enable secure LDAP connection on freeIPA but alas after changing 
cn=config

nsslapd-minssf from 0 to 128 i am getting  below error:


ipactl restart

Failed to read data from Directory Service: Unknown error when retrieving list 
of services from LDAP: Server is unwilling to perform: Minimum SSF not met.

Shutting down


When trying to put back the original nsslapd-minssf to "0" i am getting below 
error:

modifying entry "cn=config"

ldap_modify: Server is unwilling to perform (53)

additional info: Minimum SSF not met.


I tried below configuration but still getting unwilling to perform (53) Minimum 
SSF not met Error.


dn: cn=config

changetype: modify

replace: nsslapd-minssf

nsslapd-minssf: 10

-

replace: nsslapd-allow-anonymous-access

nsslapd-allow-anonymous-access: on

-

replace: nsslapd-minssf-exclude-rootdse

nsslapd-minssf-exclude-rootdse: off


I am following the steps mentioned here: 
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/SecureConnections.html

Chapter 14. Configuring Secure Connections - Red Hat 
Support<https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/SecureConnections.html>
access.redhat.com
By default, clients and users connect to the Red Hat Directory Server over a 
standard connection. Standard connections do not use any encryption, so 
information is ...




How can i get  LDAPS working on my FreeIPA?


Many Thanks,

Deepak
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to