[Fedora-directory-users] Authenticate before querying ldap.
Ivan Ferreira
iferreir at personal.com.py
Thu Jan 24 15:03:54 UTC 2008
One way will be by modifying the ACIs to do not allow anonymous read access
to attributes.
Not sure if there is an "easy way" to disable anonymous access to the
directory in the Console.
Para
"General discussion list for the
Fedora Directory server
"mallapadi niranjan" project."
<niranjan.ashok at gmail.co <fedora-directory-users at redhat.c
m> om>
Enviado por: cc
fedora-directory-users-b
ounces at redhat.com Asunto
Re: [Fedora-directory-users]
24/01/2008 11:57 a.m. Authenticate before querying
ldap.
Clasificación
Uso Interno
Por favor, responda a
"General discussion list
for the Fedora Directory
server project."
<fedora-directory-users@
redhat.com>
On Jan 24, 2008 4:37 PM, <shivaraj.shivanna at wipro.com> wrote:
Hi,
Our organization has an AD server running which requires you to bind
to it first before querying the server.
For example commands like
ldapsearch -x -h "some ip" "(cn=abcd)" -b "some base" would fail
with LdapErr: DSID-0C090627, comment: In order to perform this
operation a successful bind must be completed on the connection.
but commands like
ldapsearch -x -h "some ip" "(cn=abcd)" -b "some base" -D "some
user dn" -W would work on entering correct password.
How can we replicate this behavior with the fedora directory server ?
through access control lists, you can disable anonymous access and specify
authorization
You can refer the below
http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Access_Control-Default_ACIs.html
http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Access_Control-Access_Control_Usage_Examples.html
Regards,
Shivraj
--
Fedora-directory-users mailing list
Fedora-directory-users at redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
--
Fedora-directory-users mailing list
Fedora-directory-users at redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
========================================================================================
AVISO LEGAL: Esta información es privada y confidencial y está dirigida
únicamente a su destinatario. Si usted no es el destinatario original de
este mensaje y por este medio pudo acceder a dicha información por favor
elimine el mensaje. La distribución o copia de este mensaje está
estrictamente prohibida. Esta comunicación es sólo para propósitos de
información y no debe ser considerada como propuesta, aceptación ni como
una declaración de voluntad oficial de NUCLEO S.A. La transmisión de
e-mails no garantiza que el correo electrónico sea seguro o libre de error.
Por consiguiente, no manifestamos que esta información sea completa o
precisa. Toda información está sujeta a alterarse sin previo aviso.
This information is private and confidential and intended for the
recipient only. If you are not the intended recipient of this message you
are hereby notified that any review, dissemination, distribution or
copying of this message is strictly prohibited. This communication is for
information purposes only and shall not be regarded neither as a proposal,
acceptance nor as a statement of will or official statement from NUCLEO
S.A. . Email transmission cannot be guaranteed to be secure or error-free.
Therefore, we do not represent that this information is complete or
accurate and it should not be relied upon as such. All information is
subject to change without notice.
More information about the 389-users
mailing list