You can set nsslapd-port to 0 and that will disable the port.
See also:
https://www.port389.org/docs/389ds/howto/howto-listensslonly.html
HTH,
Mark
On 9/21/20 11:03 AM, Jan Tomasek wrote:
Hello, in past, I've created a simple plug-in for disabling authenticated binds over non-encrypted lines. But still allowing anonymous binds over LDAP. I did know about nsslapd-require-secure-binds but if recall correctly it is including SASL authenticated binds which I believe protects only user password and not transferred data. I published plug-in here: https://github.com/CESNET/389ds-plugin-ldapsonly but it is maybe obsoleted today. Today I think is TLS a must. Is it possible to disable 389 port at all? Or instruct 389 DS to bind port 389 on localhost?
_______________________________________________ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
-- 389 Directory Server Development Team
No comments:
Post a Comment