mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-02-23 14:09:39 +08:00
Code Issues Packages Projects Releases Wiki Activity

Clarify unprotected simple bind settings

Browse Source
This commit is contained in:
Kurt Zeilenga 2002-10-08 01:07:12 +00:00
parent 36fca96695
commit 2fd41add70
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
doc/guide/admin/security.sdf
View File

@ -146,6 +146,11 @@ is protected by other means (e.g., TLS, {{TERM:IPSEC}}). Where the
administrator relies on TLS to protect the password, it is recommended
that unprotected authentication be disabled. This is done by setting
"{{EX:disallow bind_simple_unprotected}}" in {{slapd.conf}}(5).
The level of confidential protection to require can be adjusted
using the {{overall}} security strength factor using the {EX:security}}
directive. If this factor is not set (or set to integrity only),
any confidentiality protection is sufficient.
The user/password authenticated bind mechanism can be completely
disabled by setting "{{EX:disallow bind_simple}}".