389 Directory Server TLS Client CentOS

This post covers joining a PC/server to a 389 Directory Server as a client using TLS. For ease of use, we wrote a script; here it is:


```bash
#!/bin/bash
# Created by Andrew Zwieg 10/22/2014
# Version 1.15
# Add/Upgrade LDAP authentication to TLS

# Update LDAP to Secure LDAP
# Note: "allow" requests the server certificate but lets the session proceed
# even if the certificate is missing or fails verification.
echo "TLS_REQCERT allow" >> /etc/openldap/ldap.conf
echo "tls_reqcert allow" >> /etc/nslcd.conf
echo "tls_reqcert allow" >> /etc/pam_ldap.conf

# Configure LDAP configuration (Insecure)
authconfig --enableldaptls --enableldapauth --ldapserver=server1,server2 --ldapbasedn="dc=domain,dc=local" --update
echo "LDAP authentication configured..."
```


  1. touch scriptname.sh
  2. Paste the script above into the file (edit for your environment)
  3. chmod +x scriptname.sh
  4. ./scriptname.sh


That's it! You have successfully configured a TLS 389 Directory Server Client.
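
Because the script appends with `>>`, each file can end up holding several `tls_reqcert` lines, and `allow` does not reject a bad server certificate. The following added example (not part of the original script) lists every `tls_reqcert` directive in the three files and flags any value other than `demand` or `hard`; the function name `audit_tls_reqcert` and the verdict labels are hypothetical, and treating only `demand`/`hard` as enforcing is an assumption of this example.

```shell
#!/bin/bash
# Added example (not part of the original script): audit tls_reqcert settings.
# Assumption: only "demand" and "hard" count as enforcing certificate checks.

# Print every tls_reqcert directive in a file as <file>:<line>:<value>:<verdict>.
# Returns 0 = all enforced, 1 = at least one weak value, 2 = unreadable, 3 = unset.
audit_tls_reqcert() {
    [ -r "$1" ] || { echo "$1:-:-:unreadable"; return 2; }
    awk -v f="$1" '
        tolower($1) == "tls_reqcert" {      # matches TLS_REQCERT too; skips "#..." lines
            seen = 1
            v = tolower($2)
            verdict = (v == "demand" || v == "hard") ? "enforced" : "NOT-ENFORCED"
            if (verdict != "enforced") bad = 1
            printf "%s:%d:%s:%s\n", f, NR, v, verdict
        }
        END {
            if (!seen) { printf "%s:-:-:unset\n", f; exit 3 }
            exit (bad ? 1 : 0)
        }' "$1"
}

# Check the three files the script above appends to.
status=0
for conf in /etc/openldap/ldap.conf /etc/nslcd.conf /etc/pam_ldap.conf; do
    audit_tls_reqcert "$conf" || status=1
done
[ "$status" -eq 0 ] && echo "all files enforce certificate verification" \
                    || echo "review the lines flagged above"
```

Run it as root after the setup script; any `NOT-ENFORCED` line means the client will still complete the TLS handshake with a server whose certificate does not verify.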

