Authenticating only on port 636

I am trying to set up my LDAP server to allow anonymous use on port 389, but require that all requests from port 636 be authenticated. The following is the rule I set up (and the only rule, for debugging purposes) to do this. While it still provides me the read access anonymously on 389, on 636, when binding as a valid user, I don't get anything returned. If I bind as Manager on port 636, I do get everything. And if I remove the "sockurl" rule, I can bind on port 636 normally. Thoughts? Suggestions? Oh, if it matters, I am using OpenLDAP 2.1.22.

access to *
       by * read
       by sockurl="^ldaps:///$" auth
       by dn="cn=Manager,o=MUSC,c=US" write