Joshua Schaeffer wrote:
On 02/18/2016 03:19 AM, Dieter Klünter wrote:
ssf=x specifies the overall security, a value '1' enables security. This setting would meet your requirements: olcSecurity: ssf=1 sasl=56 tls=256
I updated olcSecurity
To the exact value Dieter mentioned above?
and now I get the following when using simple auth:
root@immortal:/var/log/kerberos# ldapsearch -LLL -x -D cn=admin,dc=harmonywave,dc=com -W -H ldap://baneling.harmonywave.com/????starttls -b dc=harmonywave,dc=com Enter LDAP Password: ldap_bind: Confidentiality required (13) additional info: SASL confidentiality required
You're not using a SASL bind mech at all. So no wonder why it fails due to sasl=56.
Do not guess. Read the man page for the exact meaning of all this.
Ciao, Michael.