Matthew Hardin wrote:
Craig said: [...]
I know about the "-x" option. But, once that happens, it looks like the passwords are sent in clear text. (I did some packet traces and that's what it looks like to me.)
That would only happen because an SSL or TLS connection is not being established. See slapd.conf(5) and ldap.conf(5) for information on forcing OpenLDAP to use SSL or TLS connections.
Using ldapsearch -d 7 -x -D <yourdn> -w <yourpassword> ... will show you if a successful SSL handshake is taking place. If it is not, then there will be no encryption.
It looks like there is NO encryption. But, I'm not really sure what I am looking for...
date. You will probably have better luck on this list (and ultimately with the software itself) if you upgrade to a current version of OpenLDAP. There
I compiled and installed 2.3.35, so, that's one less thing to worry about. :)
I just got the new version running, so I haven't tweaked anything yet. I just thought I'd see if you had any more ideas...
TIA