[CentOS] LDAP authentication on a remote server (via ldaps://) [SOLVED]

Thu Oct 7 09:43:06 UTC 2010
Miguel Medalha <miguelmedalha at sapo.pt>

> The reason why I (think I) need both is that many third party apps on
> the server (PHP applications typically) do not easily manage StartTLS.
> Meanwhile, having two different ports make it easier to manage via iptables.

You can also use StartTLS over the network and LDAPI (connection over 
Unix sockets, which are inherently secure) for apps running on the 
server. I use it, both with OpenLDAP and 389 Directory Server (a.k.a. 
Fedora DS, Red Hat DS).