
(ITS#8551) allow bind_anon_cred in slapd.conf does not work



Full_Name: yelin
Version: 2.4.44
OS: win7
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (106.37.236.166)


Hello,
This is yelin from venusTech.inc reporting an OpenLDAP server configuration file
issue.
To be specific, "allow bind_anon_cred" in slapd.conf does not work as expected.
Please help to look at the issue and help my business application move on.

"Unauthenticated bind mechanism" is specified in LDAP RFC 4153.
My application has business logic that requires the "Unauthenticated bind mechanism".

And my application depends on OpenLDAP Server.
OpenLDAP claims to support it by specifying "allow bind_anon_cred" in
slapd.conf. (http://www.openldap.org/doc/admin24/security.html)
But the "allow bind_anon_cred" in slapd.conf does not work as expected.

Environment:
OpenLDAP version 2.4.44
OS: Win7

Detail Steps:
1. Install OpenLDAP server with all default settings.
2. Create a new myuser/mypwd. 
    2.1 Test bind "myuser"/"mypwd" completes as expected.
    2.2 Test bind "myuser"/"" to see the Exception as expected.
        connection.bind( "uid=myuser,ou=people,dc=maxcrc,dc=com", "" );
        unauthenticated bind (DN with no password) disallowed
3. Modify slapd.conf, add a line "allow bind_anon_cred", save it.
4. Restart the server.
5. Test "myuser"/"" 
6. Unexpected Result. 
    There is unauthenticated bind disallowed Exception.

Could you please help fix the issue?
My business application cannot run well without OpenLDAP "Unauthenticated bind
mechanism".

Thanks,
yelin
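
Added example (not part of the original report and not OpenLDAP code): a small Python model of how slapd.conf(5) documents the `allow` features that gate simple binds, applied to the bind from step 2.2. The function names and the sample configuration text are constructed for illustration, and it assumes no `disallow` directive is present.

```python
# Added illustration: models the documented slapd.conf(5) "allow" features
# for simple binds. Function names and sample configs are constructed.

def allow_features(conf_text):
    """Return the set of features named by 'allow' directives."""
    logical, feats = [], set()
    for raw in conf_text.splitlines():
        if raw.startswith("#") or not raw.strip():
            continue                           # comment or blank line
        if raw[0].isspace() and logical:
            logical[-1] += " " + raw.strip()   # continuation line
        else:
            logical.append(raw.strip())
    for line in logical:
        words = line.split()
        if words[0].lower() == "allow":
            feats.update(w.lower() for w in words[1:])
    return feats

def classify_bind(dn, password):
    """Name the simple-bind case from which fields are empty."""
    if not dn and not password:
        return "anonymous"
    if dn and not password:
        return "unauthenticated"               # DN with no password
    if not dn and password:
        return "anonymous-with-credentials"
    return "name/password"

# Feature that must be allowed before each case is accepted
# (None = no 'allow' feature needed).
REQUIRED = {
    "anonymous": None,
    "unauthenticated": "bind_anon_dn",
    "anonymous-with-credentials": "bind_anon_cred",
    "name/password": None,
}

def bind_admitted(conf_text, dn, password):
    """True if the 'allow' settings admit this bind for further processing."""
    need = REQUIRED[classify_bind(dn, password)]
    return need is None or need in allow_features(conf_text)

CONF_STEP3 = "# constructed sample\nallow bind_anon_cred\n"
CONF_DN = "# constructed sample\nallow bind_anon_cred\n\tbind_anon_dn\n"
USER = "uid=myuser,ou=people,dc=maxcrc,dc=com"

if __name__ == "__main__":
    for conf in (CONF_STEP3, CONF_DN):
        print(sorted(allow_features(conf)), bind_admitted(conf, USER, ""))
```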