On Dec 1, 2010, at 15:19 , Aaron Richton wrote:
On Wed, 1 Dec 2010, Christian Bösch wrote:
>> * start slapd and check with ldapsearch that that ssf= value actually is
>> present in cn=config
>>
> as i expect: olcSecurity: ssf=0 tls=0 simple_bind=0 update_ssf=0
>
>> * verify that you're getting behavior that matches what cn=config says
>
> now i'm getting Confidentiality required (13) for all binds, also for the
> excluded ips in the ACL
> that is not as it should be.
No, doesn't sound like it is. Are you verifying this with a current
version (2.4.23 or RE24/HEAD CVS)? If so, this is probably worthy of an
ITS (
http://www.openldap.org/its/).
i compiled it from freebsd ports. version 2.4.21.