[Freeipa-users] Restricting access to unencrypted LDAP connections
Prashant Bapat
prashant at apigee.com
Wed Nov 18 09:23:24 UTC 2015
Exactly what I was looking for! Thank you!!
On 18 November 2015 at 13:26, Ludwig Krispenz <lkrispen at redhat.com> wrote:
> you could set minssf:
>
> https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html/Administration_Guide/SecureConnections.html#requiring-secure-connections
>
>
> On 11/18/2015 07:24 AM, Prashant Bapat wrote:
>
> Hi,
>
> We have a pair of freeipa servers (4.1.4) and a bunch of Linux clients
> configured to talk to them thru pam-nss-ldapd (no sssd). I want to ensure
> that these clients only talk to freeipa's LDAP server either via ldaps or
> ldap+starttls. Plain ldap should not be allowed.
>
> I can always switch to ldaps only and close the tcp/389 port on the
> firewall. But is there a way to achieve this using tcp/389 port.?
>
> Any suggestions appreciated.
>
> Thanks.
> --Prashant
>
>
>
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20151118/329e42d2/attachment.htm>
More information about the Freeipa-users
mailing list