You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When LDAP_ENFORCE_TLS is enabled, the olcSecurity is set to tls=1, which effectively disables the ldapi:/// protocol (since it's not TLS). This means that all modifications to cn=config made after setting olcSecurity: tls=1 are silently ignored. The only way to see that stuff fails is to pass --loglevel debug.
This should be solved by adding olcLocalSSF: 128 in docker-openldap/image/service/slapd/assets/config/tls/tls-enforce-enable.ldif as per the slapd.conf man page. This should solve issues like #92 where it's impossible to change cn=config settings via ldapi:///
The text was updated successfully, but these errors were encountered:
g5pw
changed the title
LDAP_ENFORCE_TLS is not working correctly
LDAP_ENFORCE_TLS is not working correctly
Jan 30, 2017
When
LDAP_ENFORCE_TLS
is enabled, theolcSecurity
is set totls=1
, which effectively disables theldapi:///
protocol (since it's not TLS). This means that all modifications tocn=config
made after settingolcSecurity: tls=1
are silently ignored. The only way to see that stuff fails is to pass--loglevel debug
.This should be solved by adding
olcLocalSSF: 128
indocker-openldap/image/service/slapd/assets/config/tls/tls-enforce-enable.ldif
as per the slapd.conf man page. This should solve issues like #92 where it's impossible to changecn=config
settings vialdapi:///
The text was updated successfully, but these errors were encountered: