Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LDAP_ENFORCE_TLS is not working correctly #107

Closed
g5pw opened this issue Jan 30, 2017 · 0 comments
Closed

LDAP_ENFORCE_TLS is not working correctly #107

g5pw opened this issue Jan 30, 2017 · 0 comments
Labels
bug Docker Image

Comments

@g5pw
Copy link

g5pw commented Jan 30, 2017

When LDAP_ENFORCE_TLS is enabled, the olcSecurity is set to tls=1, which effectively disables the ldapi:/// protocol (since it's not TLS). This means that all modifications to cn=config made after setting olcSecurity: tls=1 are silently ignored. The only way to see that stuff fails is to pass --loglevel debug.

This should be solved by adding olcLocalSSF: 128 in docker-openldap/image/service/slapd/assets/config/tls/tls-enforce-enable.ldif as per the slapd.conf man page. This should solve issues like #92 where it's impossible to change cn=config settings via ldapi:///
@g5pw g5pw changed the title LDAP_ENFORCE_TLS is not working correctly LDAP_ENFORCE_TLS is not working correctly Jan 30, 2017
@osixia osixia closed this as completed in 6163e40 Feb 16, 2017
@kopax kopax mentioned this issue Jun 28, 2017
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Docker Image
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@g5pw