[Freeipa-users] Getting Minimum SSF not met.
Deepak Dimri
deepak_dimri at hotmail.com
Thu Oct 20 12:03:35 UTC 2016
Hi All,
I wanted to enable secure LDAP connection on freeIPA but alas after changing cn=config
nsslapd-minssf from 0 to 128 i am getting below error:
ipactl restart
Failed to read data from Directory Service: Unknown error when retrieving list of services from LDAP: Server is unwilling to perform: Minimum SSF not met.
Shutting down
When trying to put back the original nsslapd-minssf to "0" i am getting below error:
modifying entry "cn=config"
ldap_modify: Server is unwilling to perform (53)
additional info: Minimum SSF not met.
I tried below configuration but still getting unwilling to perform (53) Minimum SSF not met Error.
dn: cn=config
changetype: modify
replace: nsslapd-minssf
nsslapd-minssf: 10
-
replace: nsslapd-allow-anonymous-access
nsslapd-allow-anonymous-access: on
-
replace: nsslapd-minssf-exclude-rootdse
nsslapd-minssf-exclude-rootdse: off
I am following the steps mentioned here: https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/SecureConnections.html
Chapter 14. Configuring Secure Connections - Red Hat Support<https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/SecureConnections.html>
access.redhat.com
By default, clients and users connect to the Red Hat Directory Server over a standard connection. Standard connections do not use any encryption, so information is ...
How can i get LDAPS working on my FreeIPA?
Many Thanks,
Deepak
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20161020/2a94c463/attachment.htm>
More information about the Freeipa-users
mailing list