[Freeipa-devel] 43 Inherit nssldap security access settings during replica install

Rob Crittenden rcritten at redhat.com
Wed Feb 29 22:28:02 UTC 2012


JR Aquino wrote:
> When making adjustments to increase the bind security settings of a FreeIPA server, it is best practice to inherit those settings when installing a new replica server.
>
> Inherit the following bind security settings when performing a replica install:
> 'nsslapd-allow-unauthenticated-binds',
> 'nsslapd-require-secure-binds',
> 'nsslapd-allow-anonymous-access',
> 'nsslapd-minssf'
>
> https://fedorahosted.org/freeipa/ticket/1930
>

NACK

There is a connection helper in service.py you can use, ldap_connect().

Use it like:

     if not self.admin_conn:
         self.ldap_connect()

      x = self.conn.addEntry(foo)




More information about the Freeipa-devel mailing list