[CentOS] LDAP authentication on a remote server (via ldaps://) [SOLVED]

[Mathieu Baudier]

> One possible solution is to have the main LDAP server addressable only
> via STARTTLS and a non-SSL, read-only slave on a different host that's
> visible only to your LAN.

Very interesting.
It would also address some concerns I had with all these third-party
LDAP plugins having (potential) write access to the repo.

Thanks a lot for the idea!