Hello

On 1/22/07, Kurt D. Zeilenga <[EMAIL PROTECTED]> wrote:
> connecting.  If you want to restrict clients to using just the
> former or the latter, eliminate one or the other listener.

I guess I didn't explain properly in the first place:
If I open port 389, and even though I accept TLS, I cannot force
the client to use an encrypted connection.

Which is what I want to achieve.
The aim is to prevent any non-encrypted connection to openldap.
And I can't just use port 636 (ldaps) as I have a few clients that
only work with a StartTLS operation.

Is this something possible?

> ldap:// on port 389 and use of Start TLS operation to initiate
> TLS (SSL) is the standard way of securing LDAP with TLS.

Yes, you are 100% correct, I just want to enforce it.
Jean-Yves
