LDAP server: authentication options, or just disable?

[crrobinson14]

The built-in LDAP server doesn't appear to require any authentication before it may be queried. I'm not talking about TLS or similar, but even requiring a password to execute a query. Should we simply disable the internal LDAP server and deploy an OpenLDAP environment, or is there a way to secure the internal LDAP server? The internal arrangement would be nice for small sites that don't have extensive directory requirements, since you'd only have to add the user in one location...

[zandrew]

Hi,
you can go to www.openmail.com,
search for "OTN" and find "OpenMail Technical Notes"
including the couple of omLDAP papers.
There you can find everything about.