[Date Prev][Date Next]
Re: ldapmodify -Y EXTERNAL failure - Confidentiality required (13)
On Tue, Jul 24, 2018 at 10:38:10AM -0700, Mark Foster wrote:
The log says
slapd: conn=6619437 op=0
mech=EXTERNAL sasl_ssf=0 ssf=71
This is my olcSecurity setting:
olcSecurity: ssf=128 simple_bind=128
How would I fix this? It seems to be a catch-22.
The olcLocalSSF setting controls the SSF assigned to ldapi://
connections. Your log above shows that your connection got an SSF of 71,
which is the default value for olcLocalSSF; meanwhile you've configured
olcSecurity to require a minimum of 128. So you need to increase
olcLocalSSF to at least 128, or reduce olcSecurity.