A common question that comes up on the LDAP mailing list and among peers of mine who work with OpenLDAP is “how do I force clients to use secure connections […]

With the release of RHEL/CentOS 6.x there are some changes to the way clients authenticate using public keys over SSH with keys stored in OpenLDAP. I was able to get […]

Today I had an issue getting a good TLS connection from an OpenLDAP client to an OpenLDAP server on an EC2 instance using the packages supplied by Amazon. The problem […]

This tip assumes that OpenLDAP is currently running properly on port 389 without SSL/TLS configured and that the database is being used to store the config file via cn=config. 1. […]

The following syntax can be used to remove a user from an OpenLDAP group: $ ldapmodify -x -D “cn=manager,dc=example,dc=com” -W <<EOF > dn: cn=sshusers,ou=groups,dc=example,dc=com > changetype: modify > delete: memberUid […]