diff options
author | Nathan Kinder <nkinder@redhat.com> | 2009-05-29 08:38:35 -0700 |
---|---|---|
committer | Nathan Kinder <nkinder@redhat.com> | 2009-05-29 09:00:35 -0700 |
commit | 4d32ce1809dfead6697404edaff066608c4bad9d (patch) | |
tree | 613ad3e9010bffb1f9e5d03ce4aadc921c335b43 /ldap/ldif | |
parent | 67aca96ae2c53f74f896439840a82cbccbeb34cf (diff) | |
download | ds-4d32ce1809dfead6697404edaff066608c4bad9d.tar.gz ds-4d32ce1809dfead6697404edaff066608c4bad9d.tar.xz ds-4d32ce1809dfead6697404edaff066608c4bad9d.zip |
Add require secure binds switch.
This adds a new configuration attribute named
nsslapd-require-secure-binds. When enabled, a simple bind
will only be allowed over a secure transport (SSL/TLS or a
SASL privacy layer). An attempt to do a simple bind over
an insecure transport will return a LDAP result of
LDAP_CONFIDENTIALITY_REQUIRED. This new setting will not
affect anonymous or unauthenticated binds.
The default setting is to have this option disabled.
Diffstat (limited to 'ldap/ldif')
-rw-r--r-- | ldap/ldif/template-dse.ldif.in | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/ldap/ldif/template-dse.ldif.in b/ldap/ldif/template-dse.ldif.in index 54a9c4f4..82326d55 100644 --- a/ldap/ldif/template-dse.ldif.in +++ b/ldap/ldif/template-dse.ldif.in @@ -30,6 +30,7 @@ nsslapd-rewrite-rfc1274: off nsslapd-return-exact-case: on nsslapd-ssl-check-hostname: on nsslapd-allow-unauthenticated-binds: off +nsslapd-require-secure-binds: off nsslapd-port: %ds_port% nsslapd-localuser: %ds_user% nsslapd-errorlog-logging-enabled: on |