[Freeipa-users] Restricting access to unencrypted LDAP connections
Prashant Bapat
prashant at apigee.com
Wed Nov 18 06:24:54 UTC 2015
Hi,
We have a pair of freeipa servers (4.1.4) and a bunch of Linux clients
configured to talk to them through pam-nss-ldapd (no sssd). I want to ensure
that these clients only talk to freeipa's LDAP server either via ldaps or
ldap+starttls. Plain ldap should not be allowed.
I can always switch to ldaps only and close the tcp/389 port on the
firewall. But is there a way to achieve this using the tcp/389 port?
Any suggestions appreciated.
Thanks.
--Prashant