Re: ssf settings on server restart

On Wed, 1 Dec 2010, Christian Bösch wrote: >> * start slapd and check with ldapsearch that that ssf= value actually is >> present in cn=config >> > as i expect: olcSecurity: ssf=0 tls=0 simple_bind=0 update_ssf=0 > >> * verify that you're getting behavior that matches what cn=config says > > now i'm getting Confidentiality required (13) for all binds, also for the > excluded ips in the ACL > that is not as it should be. No, doesn't sound like it is. Are you verifying this with a current version (2.4.23 or RE24/HEAD CVS)? If so, this is probably worthy of an ITS (http://www.openldap.org/its/).