[Freeipa-users] Restricting access to unencrypted LDAP connections

Ludwig Krispenz lkrispen at redhat.com
Wed Nov 18 07:56:33 UTC 2015


You could set minssf:
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html/Administration_Guide/SecureConnections.html#requiring-secure-connections

On 11/18/2015 07:24 AM, Prashant Bapat wrote:
> Hi,
>
> We have a pair of freeipa servers (4.1.4) and a bunch of Linux clients 
> configured to talk to them through pam-nss-ldapd (no sssd). I want to 
> ensure that these clients only talk to freeipa's LDAP server either 
> via ldaps or ldap+starttls. Plain ldap should not be allowed.
>
> I can always switch to ldaps only and close the tcp/389 port on the 
> firewall. But is there a way to achieve this using the tcp/389 port?
>
> Any suggestions appreciated.
>
> Thanks.
> --Prashant
>
>

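The minssf suggestion above, sketched as an added example that is not part of the original thread: it builds the `cn=config` change for `nsslapd-minssf`, keeps the root DSE readable through `nsslapd-minssf-exclude-rootdse`, and checks the result on port 389. The host name, base DN and SSF value of 128 in the usage comments are assumptions, and the check assumes anonymous reads of the base DN are allowed.

```shell
#!/bin/sh
# Added example, not from the thread. Host, base DN and SSF value are assumed.

# Emit the LDIF that sets the minimum security strength factor (SSF).
# nsslapd-minssf: 0 accepts cleartext connections; a positive value is the
# minimum key strength a connection must have negotiated via TLS or SASL.
# nsslapd-minssf-exclude-rootdse: on keeps the root DSE readable so clients
# can still discover StartTLS support before they encrypt.
minssf_ldif() {
    ssf=$1
    case $ssf in
        ''|*[!0-9]*) echo "SSF must be a non-negative integer" >&2; return 1 ;;
    esac
    printf '%s\n' \
        'dn: cn=config' \
        'changetype: modify' \
        'replace: nsslapd-minssf' \
        "nsslapd-minssf: $ssf" \
        '-' \
        'replace: nsslapd-minssf-exclude-rootdse' \
        'nsslapd-minssf-exclude-rootdse: on'
}

# Apply the change over StartTLS (-ZZ aborts if TLS cannot be established).
# usage: apply_minssf ipa1.example.test 128
apply_minssf() {
    minssf_ldif "$2" | ldapmodify -ZZ -H "ldap://$1" -D 'cn=Directory Manager' -W
}

# Verify from a client: a plain search on 389 must fail, StartTLS must work.
# usage: check_minssf ipa1.example.test dc=example,dc=test
check_minssf() {
    if ldapsearch -x -H "ldap://$1" -b "$2" -s base dn >/dev/null 2>&1; then
        echo "FAIL: cleartext search accepted"
        return 1
    fi
    if ! ldapsearch -x -ZZ -H "ldap://$1" -b "$2" -s base dn >/dev/null 2>&1; then
        echo "FAIL: StartTLS search rejected"
        return 1
    fi
    echo "OK: cleartext refused, StartTLS accepted"
}
```
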