--On Monday, January 18, 2021 3:52 AM +0000 [email protected]
wrote:
Few queries I have for these openLDAP,
1) Does Symas OpenLDAP or LTB OpenLDAP supports rolling updates?
Symas OpenLDAP on RHEL is a drop in replacement for the RHEL packages. You
can use yum to update it when new builds are released.
2) is there any way we can enable/disable SSL/Non-SSL mode for openldap..
Read the man pages and admin guide. Your question, however, is vague.
Please expand on what you're asking. There's no such thing as an
"SSL/Non_SSL" mode for the LDAP protocol. One can (optionally) use
startTLS over ldap:///, one can require TLS with ldaps://, and one can mix
the two. And it's possible to configure the slapd server to reject any
connection that doesn't have a security factor of X.
a) I have installed symas openLDAP with default configuration and
observed its running in Non-SSL mode and running on 389 port.
That implies you don't understand the LDAP protocol.
b) I
tried LTB openLDAP with default configuration and observed its going for
SSL mode and observed its running on two ports 389 and 636
This also implies you don't understand the LDAP protocol.
Again, ldap:/// can be used both with or without startTLS. slapd can be
configured to require all connections be encrypted, regardless of whether
it's ldap:/// or ldaps:///
Regards,
Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
