How set a manual referral on a read only replica to specify LDAPS in stead of LDAP?

Solution Verified - Updated -


  • On the slaves we configure referrals to the master for updates (including nsslapd-state: referral on update)
  • Each master is automatically set and port 389 (ldap protocol) is used.
  • Our masters are configured with 'nsslapd-require-secure-binds: on', so use of port 389 without starttls is not allowed and updates are not possible, the master does not allow insecure communication.
  • Once I update the referral online by a ldapmodify and change it to 'ldaps://' it works fine.
  • But after a restart of dirsrv this referral is no longer there and the old referrals are back again
  • How can I prevent this auto update after a restart of dirsrv?


  • Red Hat Directory Server (RHDS) 9 and 10

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content