How to prevent the use of NULL ciphers on LDAP Server?
The parameter TLSCipherSuite can be coded on the SLAPD configuration file to specify a list of TLS cipher suites in order of preference.
The cipher string for the TLSCipherSuite parameter to prevent the use of NULL ciphers should have the combination of the action-character (!) and the keyword (NULL), resulting in the string !NULL.
This is an example of a cipher string using !NULL:
The complete list of action-characters, keywords and also some examples on how to build a cipher string can be found on this document under the TLSCipherSuite section.