On Wed, 1 Dec 2010, Christian Bösch wrote:
> * start slapd and check with ldapsearch that that ssf= value
actually is
> present in cn=config
>
as i expect: olcSecurity: ssf=0 tls=0 simple_bind=0 update_ssf=0
> * verify that you're getting behavior that matches what cn=config says
now i'm getting Confidentiality required (13) for all binds, also for the
excluded ips in the ACL
that is not as it should be.
No, doesn't sound like it is. Are you verifying this with a current
version (2.4.23 or RE24/HEAD CVS)? If so, this is probably worthy of an
ITS (
http://www.openldap.org/its/).