You could use IPTABLES As well and not have to play with the configuration of FDS but I am sure you already figured this out.<br><br>Edward<br><br><div><span class="gmail_quote">On 5/7/07, <b class="gmail_sendername">ashley
</b> <<a href="mailto:ashley@csse.uwa.edu.au">ashley@csse.uwa.edu.au</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>Yes I thought about that, but I'm supporting some legacy Linux/Unix<br>system which I provide LDAP/NIS auth from the Directory Server.<br><br>I don't really want to break things, I'm just phasing things out
<br>gradually.<br><br> Cheers then, Ashley<br><br><br>On Fri, 4 May 2007, Richard Megginson wrote:<br><br>> ashley wrote:<br>>><br>>> It depends on your distribution but pretty much all the same as I found it
<br>>> you have to edit ldap.conf but you may have to do a little bit of fiddling<br>>> before you can get it working.<br>>><br>>> Anyways I've got this also documented on my web site<br>>>
<br>>> <a href="http://www.csse.uwa.edu.au/~ashley/">http://www.csse.uwa.edu.au/~ashley/</a><br>>><br>>> Look at LDAP Fedora Directory Server HOWTO with SSL & NOSSL for Unix/ Linux<br>>> / MacOSX / Windows Client Binding document.
<br>>><br>>> Look at section 3.3 Binding Linux/Unix Machines to LDAPs.<br>>><br>>> I've did this last year and should still be applicable.<br>> Thanks Ashley.<br>><br>> Another trick you can use on the server side is to just shut off the
<br>> non-secure port by using a value of 0 for cn=config nsslapd-port. Then the<br>> server will only listen for LDAPS requests.<br>>><br>>> Regards Ashley<br>>><br>>><br>
>> On Thu, 3 May 2007, Eric Brown wrote:<br>>><br>>>> I have got SSL set up and working, but I have not figured out how I<br>>>> can require that users only connect through a secure connection (SSL
<br>>>> or TLS) and deny access to cleartext communication.<br>>>><br>>>> I was able to do this with OpenLDAP, but it was done in the slapd.conf<br>>>> file. I have not found any documentation on how to set it up or if it
<br>>>> is even possible with FDS.<br>>>><br>>>> Is there any doc or does anyone have any information on how to do this?<br>>>><br>>>> Thanks<br>>>> Eric<br>>>>
<br>>>> --<br>>>> Fedora-directory-users mailing list<br>>>> <a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a><br>>>> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users">
https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br>>>><br>>>><br>>>> !DSPAM:272,4639f614145012118015795!<br>>>><br>>><br>><br>><br>> !DSPAM:272,463b48cc91651926681497!
<br>><br><br>--<br>Ashley Chew - Systems Administrator<br>School of Computer Science and Software Engineering<br>University of Western Australia<br>Tel: (+61 8) 6488 7082 - Fax: (+61 8) 6488 1089<br>Ashley[@]csse.uwa.edu.au -
<a href="http://www.csse.uwa.edu.au/~ashley">http://www.csse.uwa.edu.au/~ashley</a><br><br>"There is no such thing as Fate, Fate is what you make of it!"<br><br>--<br>Fedora-directory-users mailing list<br><a href="mailto:Fedora-directory-users@redhat.com">
Fedora-directory-users@redhat.com</a><br><a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br></blockquote></div><br>