[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: separate acl for different access methods

Jason Joines <joines@bus.okstate.edu> writes:

>   I'm using OpenLDAP 2.2.15 on SuSE Linux 9.2.  With this slapd.conf
>   and modifications to the permissions on the socket file
>   /var/run/slapd/ldapi and it's parent directory I have this situation.
>  All searches using tcp require TLS as desired.

> slave:~ #
> slave:~ # ldapsearch -x -H ldapi://%2fvar%2frun%2fslapd%2fldapi uid=bogus dn
> # search result
> search: 2
> result: 0 Success
>   However, authenticated searches do require authentication even when
>   using the socket.  I don't want this.

> security  ssf=1 update_ssf=128 simple_bind=128
> password-hash {MD5}

ldapi has a built in ssf of 71, you either reduce your ssf
definition or add a transport declaration, see man slapd.conf(5)


Dieter Klünter | Systemberatung
GPG Key ID:01443B53