Thank you!

David

On Sep 2, 2014, at 18:10, Rich Megginson <rmeggins@redhat.com> wrote:

On 09/02/2014 06:56 PM, David Barr wrote:
Good Morning!

I’m having a bad time finding documentation on how I would set up my 389-ds to only listen to localhost:389, and require all other connections to happen on port 636. The server is headless, so using the console is less than optimum.

Has anything like that been written?
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Configuration_Command_and_File_Reference/Core_Server_Configuration_Reference.html#cnconfig-nsslapd_listenhost_Listen_to_IP_Address

https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Configuration_Command_and_File_Reference/Core_Server_Configuration_Reference.html#cnconfig-nsslapd_securelistenhost

You might also be interested in using ldapi + autobind instead of localhost
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Configuration_Command_and_File_Reference/Core_Server_Configuration_Reference.html#nsslapd-ldapilisten
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Configuration_Command_and_File_Reference/Core_Server_Configuration_Reference.html#nsslapd-ldapiautobind

use starttls instead of ldaps, and use nsslapd-minssf to require secure connections
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Configuration_Command_and_File_Reference/Core_Server_Configuration_Reference.html#nsslapd-minssf

Thanks!
David

--

David - Offbeat		http://dafydd.livejournal.com
dafydd - Online		http://pgp.mit.edu/
Battalion 4 - Black Rock City Emergency Services Department
	Integrity*Commitment*Communication*Support

----5----1----5----2----5----3----5----4----5----5----5----6----5----7--

Dr. Viktor Frankenstein enters into a body building competition
only to find he has seriously misunderstood the objective.






--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users

--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users

--

David - Offbeat http://dafydd.livejournal.com
dafydd - Online http://pgp.mit.edu/
Battalion 4 - Black Rock City Emergency Services Department
Integrity*Commitment*Communication*Support

----5----1----5----2----5----3----5----4----5----5----5----6----5----7--

Dr. Viktor Frankenstein enters into a body building competition
only to find he has seriously misunderstood the objective.