LDAP ciphers aren't updating after modifying in iManager

  • 7021267
  • 30-Aug-2017
  • 30-Aug-2017

Environment

eDirectory

Situation

After updating an LDAP server object's ciphers and applying the changes, the same set of ciphers was still available for connections to the LDAP server.

Resolution

Cipher changes are one of the few things that require a restart of LDAP services. To restart LDAP, you can:
  • stop nldap (nldap -u) and start nldap (nldap -l)
  • restart eDirectory (rcndsd restart)

(Note: the Linux commands are in parentheses.)
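To confirm that the restart changed what the LDAPS listener actually negotiates, snapshot the accepted cipher suites before and after it and compare the two. This is an added example, not part of the original article; the host ldap.example.com, port 636, the script and file names and the function names are assumptions, and it uses only the stock openssl client.

```shell
#!/bin/sh
# Added example (not from the original article): record which cipher suites
# an LDAPS listener accepts, so snapshots taken before and after the nldap
# restart can be compared. Host, port and file names below are assumptions.
#
#   sh ldaps-ciphers.sh snapshot ldap.example.com:636 > before.txt
#   ... change the ciphers in iManager, then: nldap -u ; nldap -l ...
#   sh ldaps-ciphers.sh snapshot ldap.example.com:636 > after.txt
#   sh ldaps-ciphers.sh compare before.txt after.txt

# probe_cipher HOST:PORT CIPHER -> exit 0 if the handshake settles on CIPHER.
probe_cipher() {
    # -cipher limits the client offer to one suite (TLS 1.2 and earlier).
    # s_client reports "Cipher is <name>" on success, "(NONE)" on failure.
    openssl s_client -connect "$1" -cipher "$2" </dev/null 2>/dev/null |
        grep -q "Cipher is $2\$"
}

# snapshot_ciphers HOST:PORT -> sorted list of accepted suites, one per line.
snapshot_ciphers() {
    # Candidates: every suite the local OpenSSL build knows how to offer.
    for cipher in $(openssl ciphers 'ALL:eNULL' | tr ':' ' '); do
        if probe_cipher "$1" "$cipher"; then
            echo "$cipher"
        fi
    done | LC_ALL=C sort
}

# report_change BEFORE AFTER -> exit 1 if the listener's cipher set is unchanged.
report_change() {
    if cmp -s "$1" "$2"; then
        echo "UNCHANGED: listener still accepts the old cipher set"
        return 1
    fi
    LC_ALL=C comm -23 "$1" "$2" | sed 's/^/no longer accepted: /'
    LC_ALL=C comm -13 "$1" "$2" | sed 's/^/newly accepted: /'
}

if [ "$#" -ge 1 ]; then
    case "$1" in
        snapshot) snapshot_ciphers "$2" ;;
        compare)  report_change "$2" "$3" ;;
        *)        echo "usage: $0 snapshot HOST:PORT | compare BEFORE AFTER" >&2; exit 2 ;;
    esac
fi
```

An UNCHANGED result after editing the LDAP server object means the running listener is still using the old cipher configuration.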

Additional Information

To serve as a reminder, the iManager plug-in has been updated (in iManager 2.7 SP7 Patch 7 and later) to include the following message after modifying the cipher level:

                  

Because the LDAP service is not automatically restarted when changes are applied to the LDAP server object, processes and services that rely on LDAP being up and available are not impacted (for example, current LDAP binds and queries).