Hi all.

We'd like to make sure that the LDAP data on our network is encrypted, at least the data that contains sensitive information. We've set up TLS between on these communication links:

LDAP client <-> LDAP server (using StartTLS)
LDAP master <-> LDAP slave
Web browser <-> Admin server web console (i.e. https)

We have a pretty default installation of the directory server (which btw is Red Hat Directory Server v8.1.0). To my best knowledge, these links above should cover all relevant trafikk on the network, since the directory server, admins server and the console are all located on the same physical server. Does anyone agree or disagree?

Btw, if anyone knows of any nice diagrams that shows the different data links (i.e information flow) between the directory server components (such as admins server, console, main console, directory server, and so forth) please do post a link to this.

Best regards,

Kenneth Holter