[Date Prev][Date Next]
Re: require StartTLS
If you want to disable simple bind (password) etc. without encryption,
you might go along the lines:
security ssf=1 update_ssf=112 simple_bind=112
>>> Am Sun, 26 Feb 2012 11:49:14 +0100
>>> schrieb Daniel Pocock <email@example.com>:
>>>> Is there some way to ensure that a client who connects on port 389
>>>> can do nothing without StartTLS?
>>>> Or is it necessary to just disable port 389 and only listen for
>>>> ldaps:/// ?
That would be another option, its feasibility depending on your environment.
kind regards /markus