The focus of this chapter has been OpenLDAP security, and we have covered a lot of ground. We began with connection-level security, where we configured SSL/TLS encryption for our directory server. We used StartTLS over the standard LDAP port, and also configured the older (LDAP v2) LDAPS protocol on port 636. Next, we looked at the process of authenticating to the LDAP. In that part we covered both simple binding and SASL binding. Finally, we took a detailed look at access control lists (ACLs), finishing the chapter with a basic set of ACLs.

In the next chapter we will look at advanced configuration of OpenLDAP's SLAPD server. We will configure our server to host multiple backend databases and we will use directory overlays to add powerful ...