--On Thursday, February 07, 2013 4:27 PM +0100 Patrick Lists openldap-list@puzzled.xs4all.nl wrote:

Hi,

I've gone through slapd.access a couple of times but I can't wrap my head around the mountain of information. IMHO that man page could do with a few more examples for us mere mortals :-)

FYI: I was not able to find what ssf=<n>, transport_ssf=<n>, tls_ssf=<n>, sasl_ssf=<n> mean and which possible values (+ meaning of those values) I can set them too. Missing info?

Goal: allow 127.0.0.1 and ::1 non-TLS access and all other connections must use TLS.

Anyone perhaps have an example that can get me started?

Read the "security" bit from https://www.openldap.org/software/man.cgi?query=slapd.conf&apropos=0&sektion=0&manpath=OpenLDAP+2.4-Release&format=html to start.

Basically, you can very granularly set what security fact your want for various methods (SASL, TLS, etc).

--Quanah

--

Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration