I've been using the Symas OpenLDAP debian packages, and following the Quick-Start guide for 2.5: https://www.openldap.org/doc/admin25/quickstart.html

Following steps 1 - 10 has been straight forward, but when I get to step 11 (Add initial entries to your directory), I run into trouble when running the ldapadd command:

root@openldap-x:/opt/symas/etc/openldap# ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f bootstrap.ldif
Enter LDAP Password:
ldap_bind: Confidentiality required (13)
additional info: confidentiality required
root@openldap-x:/opt/symas/etc/openldap# 

I used the provided slapd.ldif.default to seed the cn=config (updating it with the appropriate domain components), as per the instructions in the Quick-Start, so slapd isn't yet configured to run with ssl or starttls. Is there a default SSF factor that I should adjust to get past this bootstrapping failure? I don't see anything like that explicitly set in the configs that were rendered into /opt/symas/etc/openldap/slapd.d, from my slapd.ldif.

I'm not new to openldap, but this is the first time I've used the Symas packages and also the first time trying to use olc instead of a slapd.conf based configuration.

Ben