8398 – Access to LDAP Server with wrong passord

Issue 8398 - Access to LDAP Server with wrong passord

Summary: Access to LDAP Server with wrong passord

Status:	VERIFIED INVALID

Alias:	None

Product:	OpenLDAP
Classification:	Unclassified
Component:	slapd (show other issues)
Version:	2.4.43
Hardware:	All All

Importance:	--- normal
Target Milestone:	---
Assignee:	OpenLDAP project

URL:
Keywords:

Depends on:
Blocks:

Reported:	2016-04-07 13:48 UTC by cheu.kuoch@4tpm.fr
Modified:	2020-03-22 22:28 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.

Description cheu.kuoch@4tpm.fr 2016-04-07 13:48:11 UTC

Full_Name: cheu KUOCH
Version: 2.4.43
OS: Windows 7 
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (109.1.238.212)


Hi,

I am a new openLDAP 2.4.43 library user.
My application can binds to a LDAP Server and get attributs no problem, even
with a wrong password

Could you tell me how to make the server control the password ?

Thank you in advance.
 
Cheu KUOCH

-----------------------------

Summary of my code:

ldap_initialize (&ldap, ldap_urls)
ldap_set_option (ldap, LDAP_OPT_PROTOCOL_VERSION, &ldap_version)
ldap_set_option (ldap, LDAP_OPT_SIZELIMIT, &size_limit)
ldap_sasl_bind_s (ldap, bind_dnp, LDAP_SASL_SIMPLE, &cred, NULL, NULL, NULL)
ldap_search_ext (...)
for (msgcount=0; ....)
{
    ldap_result (...)
    ldap_first_attribute (...)
    while (...)
    {
        ldap_get_values_len (...)
        ldap_next_attribute (...)
    }
}
ldap_unbind_ext_s(...)

Comment 1 Quanah Gibson-Mount 2018-01-15 16:10:56 UTC

published 8398
marked public

Comment 2 Quanah Gibson-Mount 2020-03-22 22:27:56 UTC

Sounds like the server allows anonymous access, which is why the invalid password doesn't matter.

In any case, this is a usage question, not a bug report.  Usage questions belong on the -technical email list.