Environment
Novell eDirectory 8.8 for Solaris
Novell eDirectory 8.8 for Linux
Situation
Sometimes it may be desired to disable the clear-text / unsecure port that eDirectory listens on for iMonitor access. The port iMonitor listens on by default in versions 8.8.x is 8028.
Resolution
There are a two ways to address this:
1. Create a firewall rule or ip filter to block it.
1. Create a firewall rule or ip filter to block it.
2. There is a parameter that can be created in the nds.conf file that will force redirection to the secure port (normally 8030).:
Add the following parameter to the file if it does not already exist:
http.server.auth-req-tls=1
A value of "1" tells the HTTP server that authentication requires TLS. This means if a user comes in on clear text port, the traffic will be redirected to TLS port. There will be no communication occurring on this clear text port if this parameter is set to "1" (though the HTTP server will continue to listen on it).