[389-users] Turn off anonymous bind
David Hoskinson
david.hoskinson at datatrak.net
Thu Nov 10 17:57:51 UTC 2011
We want to restrict all queries to authenticated queries. As our system sits now I can anonymously query and return ntlmpassword and see the hash as well as most other entries. We would like this to not be the case, and requires directory manager and pass or a similar approved user to do ldap queries.
I have set nslapd-allow-anonymous-access to off in advanced properties for config, and added the binddn string and bindpw string to /etc/ldap.conf on the 389 server machine. When I try to log back in, I get password authentication failed, please verify that the username and password are correct. If I turn the setting back to on, it works again.
Am I missing something... or is this not the correct method to achieve my goal.
Thanks.
David Hoskinson | DATATRAK International
Systems Engineer
Mayfield Heights, Ohio, USA
+1.440.443.0082 x 124 (p) | +1.216.280.5457 (m)
david.hoskinson at datatrak.net<mailto:david.hoskinson at datatrak.net> | www.datatrak.net<http://www.datatrak.net/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20111110/a7153da9/attachment.html>
More information about the 389-users
mailing list