--On Monday, January 18, 2021 3:52 AM +0000 shelke.sachitanand@gmail.com wrote:
> Few queries I have for these OpenLDAP,
> - Does Symas OpenLDAP or LTB OpenLDAP support rolling updates?
Symas OpenLDAP on RHEL is a drop-in replacement for the RHEL packages. You can use yum to update it when new builds are released.
> - Is there any way we can enable/disable SSL/Non-SSL mode for OpenLDAP?
Read the man pages and admin guide. Your question, however, is vague. Please expand on what you're asking. There's no such thing as an "SSL/Non_SSL" mode for the LDAP protocol. One can (optionally) use startTLS over ldap:///, one can require TLS with ldaps://, and one can mix the two. And it's possible to configure the slapd server to reject any connection that doesn't have a security factor of X.
> a) I have installed Symas OpenLDAP with default configuration and observed it's running in Non-SSL mode and running on port 389.
That implies you don't understand the LDAP protocol.
> b) I tried LTB OpenLDAP with default configuration and observed it's going for SSL mode and observed it's running on two ports, 389 and 636.
This also implies you don't understand the LDAP protocol.
Again, ldap:/// can be used either with or without startTLS. slapd can be configured to require all connections be encrypted, regardless of whether it's ldap:/// or ldaps:///.
Regards,
Quanah

--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
http://www.symas.com
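
The server-side requirement described in the reply above ("reject any connection that doesn't have a security factor of X"), as an added example that is not part of the original message and not Symas's or LTB's shipped configuration. The host name, file name and the value 128 are constructed; it assumes slapd uses cn=config, already has its TLS certificate and key configured, and that clients trust the issuing CA.

```ldif
# Added example (constructed values: ldap.example.com, require-encryption.ldif,
# ssf=128). Which ports slapd listens on is decided by the listener URLs given
# to its -h option, for instance "ldap:/// ldaps:/// ldapi:///"; this change
# does not touch the listeners, it sets the minimum security strength factor
# (SSF) that any connection must reach before operations are accepted.
#
# olcLocalSSF: SSF credited to local ldapi:/// sessions. The default is 71,
#   so it is raised here to stay above the new minimum; otherwise the
#   EXTERNAL admin connection used to apply this file would be refused too.
# olcSecurity: ssf=128 refuses operations on connections below SSF 128,
#   whether they arrived on ldap:/// or ldaps:///.
#
# Apply as root over the local socket:
#   ldapmodify -Y EXTERNAL -H ldapi:/// -f require-encryption.ldif
#
# Check from a client afterwards:
#   ldapwhoami -x -H ldap://ldap.example.com       refused (no encryption)
#   ldapwhoami -x -ZZ -H ldap://ldap.example.com   accepted (StartTLS on 389)
#   ldapwhoami -x -H ldaps://ldap.example.com      accepted (TLS on 636)

dn: cn=config
changetype: modify
replace: olcLocalSSF
olcLocalSSF: 128
-
replace: olcSecurity
olcSecurity: ssf=128
```

With this in place the plain ldap:/// listener can stay open for StartTLS clients, while any client that skips StartTLS is refused.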