Sir/Madam:

 

I successfully set up TLS on both openldap server and client through port 389 on ubuntu.

I didn't use SSL through port 636.

However, I found non encrypted/clear text connections can be made through port 389

to the openldap server as well.

How can I enforce TLS connection only and reject any non encrypted connections?

Should I use olcAccess or olcSecurity? or both? I couldn't find any detailed steps/documentation

about it. Please note, I am not use slapd.conf which is for older version of openldap.



Thanks a lot!

Yan