On 09/02/2014 06:56 PM, David Barr wrote:https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Configuration_Command_and_File_Reference/Core_Server_Configuration_Reference.html#cnconfig-nsslapd_listenhost_Listen_to_IP_AddressGood Morning! I’m having a bad time finding documentation on how I would set up my 389-ds to only listen to localhost:389, and require all other connections to happen on port 636. The server is headless, so using the console is less than optimum. Has anything like that been written?
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Configuration_Command_and_File_Reference/Core_Server_Configuration_Reference.html#cnconfig-nsslapd_securelistenhost
You might also be interested in using ldapi + autobind instead of localhost
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Configuration_Command_and_File_Reference/Core_Server_Configuration_Reference.html#nsslapd-ldapilisten
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Configuration_Command_and_File_Reference/Core_Server_Configuration_Reference.html#nsslapd-ldapiautobind
use starttls instead of ldaps, and use nsslapd-minssf to require secure connections
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Configuration_Command_and_File_Reference/Core_Server_Configuration_Reference.html#nsslapd-minssfThanks! David -- David - Offbeat http://dafydd.livejournal.com dafydd - Online http://pgp.mit.edu/ Battalion 4 - Black Rock City Emergency Services Department Integrity*Commitment*Communication*Support ----5----1----5----2----5----3----5----4----5----5----5----6----5----7-- Dr. Viktor Frankenstein enters into a body building competition only to find he has seriously misunderstood the objective.-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users