Joshua Schaeffer wrote: > On 02/18/2016 03:19 AM, Dieter Klünter wrote: >> ssf=x specifies the overall security, a value '1' enables security. >> This setting would meet your requirements: >> olcSecurity: ssf=1 sasl=56 tls=256 > > I updated olcSecurity To the exact value Dieter mentioned above? > and now I get the following when using simple auth: > > root@immortal:/var/log/kerberos# ldapsearch -LLL -x -D > cn=admin,dc=harmonywave,dc=com -W -H > ldap://baneling.harmonywave.com/????starttls -b dc=harmonywave,dc=com > Enter LDAP Password: > ldap_bind: Confidentiality required (13) > additional info: SASL confidentiality required You're not using a SASL bind mech at all. So no wonder why it fails due to sasl=56. Do not guess. Read the man page for the exact meaning of all this. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature