Look at the options for setting ssf (Security Strength Factors):
http://www.openldap.org/doc/admin24/access-control.html#Granting%20and%20Den...)
I typically set up a global minssf of 256 to ensure maximum security, when possible, via 'security minssf=256'.
re: man slapd.conf
HTH,
Joshua Miller ITSA Consulting, LLC http://itsecureadmin.com/
On Feb 26, 2012, at 2:49 AM, Daniel Pocock wrote:
Is there some way to ensure that a client who connects on port 389 can do nothing without StartTLS?
Or is it necessary to just disable port 389 and only listen for ldaps:/// ?
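A configuration sketch for the question above, added here as an example and not taken from either message. It uses the `security ssf=<n>` form documented in slapd.conf(5) and the per-ACL `ssf=` form from the linked Admin Guide section; the values are illustrative.

```conf
# slapd.conf fragment (constructed example)

# Global requirement: refuse operations on any session whose overall
# security strength factor is below 256. A plain connection on port 389
# has SSF 0, so the client must complete StartTLS before a bind, search
# or update is accepted. The StartTLS extended operation itself is still
# allowed on the unprotected session.
# 256 admits only 256-bit ciphers; lower it to 128 if clients negotiate
# AES-128.
security ssf=256

# Variant: require that the strength comes from TLS specifically.
# security tls=256

# Finer-grained alternative to the global directive: keep port 389 open
# but tie each privilege to a minimum SSF inside the ACL.
# access to *
#     by ssf=128 self write
#     by ssf=64 anonymous auth
#     by ssf=64 users read
```

The server can only reject an under-protected request after it arrives, so a client that sends a simple bind before StartTLS has already put the password on the wire. Clients should therefore be set to require StartTLS themselves, for example with `ldapsearch -ZZ`.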