You have also this (starting from version 1.2.1) :
* Add require secure binds switch
o This adds a new configuration attribute named
nsslapd-require-secure-binds. When enabled, a simple bind will only be
allowed over a secure transport (SSL/TLS or a SASL privacy layer). An
attempt to
> I'm evaluating the migrating of an openldap installation to
> > 389 directory server (ca 1200 user objects).
> > With openldap I can restrict client authentication to ssl/tls ldap
> > connections and
> > in parallel allow anonymous (unencrypted) access to items like phone
> number etc.
> > (slap
