[Date Prev][Date Next] [Chronological] [Thread] [Top]

port level security for auth and anon

I am looking for help with setup of security with my openldap config. 
I currently have RHEL 6 with ldap:// and ldaps:// working for both auth binds and anon binds. 
What I want to do is allow anon binds on ldap://   and require authentication over an encrypted stream on ldaps://
my current access is set to:
access to attrs=userPassword  
    by anonymous auth
    by self read
    by * none
access to *
    by * read
I do not have a security statement in my slapd.conf. 
I have tried a few things such as changing the userpassword access to:
access to userPassword
> by anonymous auth sasl_ssf=128 break
> by anonymous auth tls=128
> by self read
but the syntax is not correct and the config will not load with above.
Any help would be great.
Chris Jackson