[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ssf settings on server restart

To: Christian Bösch <boesch@fhv.at>
Subject: Re: ssf settings on server restart
From: Aaron Richton <richton@nbcs.rutgers.edu>
Date: Wed, 1 Dec 2010 09:19:04 -0500 (EST)
Cc: openldap-technical@openldap.org
In-reply-to: <B7AB1071-CCC7-41D4-A161-8DC8FA5DF8A8@fhv.at>
References: <C1026E5D-5897-4FE7-8E1A-E40AB324B47A@fhv.at> <alpine.SOC.2.00.1011300838190.8222@toolbox.rutgers.edu> <BB9CFEA8-3453-4324-A03E-B8FF31C51383@fhv.at> <alpine.SOC.2.00.1012010846120.8222@toolbox.rutgers.edu> <B7AB1071-CCC7-41D4-A161-8DC8FA5DF8A8@fhv.at>
User-agent: Alpine 2.00 (SOC 1167 2008-08-23)

On Wed, 1 Dec 2010, Christian Bösch wrote:

* start slapd and check with ldapsearch that that ssf= value actually is
present in cn=config

as i expect: olcSecurity: ssf=0 tls=0 simple_bind=0 update_ssf=0

* verify that you're getting behavior that matches what cn=config says


now i'm getting Confidentiality required (13) for all binds, also for the
excluded ips in the ACL
that is not as it should be.

No, doesn't sound like it is. Are you verifying this with a currentversion (2.4.23 or RE24/HEAD CVS)? If so, this is probably worthy of anITS (http://www.openldap.org/its/).

Follow-Ups:
- Re: ssf settings on server restart
  - From: Christian Bösch <boesch@fhv.at>

References:
- Re: ssf settings on server restart
  - From: Aaron Richton <richton@nbcs.rutgers.edu>
- Re: ssf settings on server restart
  - From: Christian Bösch <boesch@fhv.at>

Prev by Date: Re: ssf settings on server restart
Next by Date: Re: ssf settings on server restart
Index(es):
- Chronological
- Thread