Re: ldapi -> "Confidentiality required" problem

["Dieter Kluenter" <dieter@dkluenter.de>]

Gunnar Frenzel <Gunnar_Frenzel@web.de> writes:

> Hello,
>
> I've configured openldap (v2.4.16 on FreeBSD 7.2) to listen on ldaps
> (with self signed certificate) as well as ldapi.
[...]
> security ssf=128
[...]
> Connecting to ldaps (port 636) with clients such as Thunderbird,
> Apache Directory Studio works fine. But when I try to connect via
> ldapi (port 389) from a webmail tool on the same server I always get
> the error "Confidentiality required" from openldap. I want to connect
> to ldapi (as it is local on the server) without TLS or other
> encryption but openldap doesn't seem to allow that in my
> configuration. I tried localSSF set to 0 which doesn't make any
> difference...

The hard coded ssf for ldapi is 71, so you have to reduce security
ssf.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dpunkt.de/buecher/2104.html
sip: +49.180.1555.7770535
GPG Key ID:8EF7B6C6
53°08'09,95"N
10°08'02,42"E