I want to ensure any connections to our ldap server from outside our domain are encrypted.
I've tried this by adding the following to my acls (All other access is the same)
access to *
by peername.ip=138.251.0.0%255.255.0.0 none break
by ssf=128 none break
by * none
Is this a sensible solution? It seems like a bit of a hack to me.
Cheers,
Duncan
