LDAPS is the secure form of the LDAP protocol and it relies on signed certificates for validation. This is a brain dump on an example of how to automatically deploy and renew signed certificates using ACME and use it for LDAPS.

Last year I did a presentation on EduRoam Analytics. Here is a brief summary of the presentation slides.

Check out my blog post for AusCERT on using misp with AWS.

Quirks

389ds is weird when it comes to configuration. There isn’t much to be found of a configuration file anywhere but instead the ldap configuration is stored in ldap itself. 389ds will always store a local copy of the configuration from a stance of ‘this is how it looked when it worked last’ so if you break the configuration you can still recover.

Check out my blog post for AusCERT on password reuse.