[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8551) allow bind_anon_cred in slapd.conf does not work

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#8551) allow bind_anon_cred in slapd.conf does not work
From: quanah@symas.com
Date: Thu, 15 Dec 2016 21:52:25 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

--On Thursday, December 15, 2016 9:37 PM +0000 yelin@venustech.com.cn wrote:

> To be specific, "allow bind_anon_cred" in slapd.conf does not work as

Hello,

This report is invalid.  The documentation clearly states:

bind_anon_cred allows anonymous bind when credentials are not empty (e.g. 
when DN  is
              empty).

I.e., bind_anon_cred allows you to bind with a ldapsearch -W or -w flag, 
but no -D flag provided.


You may be looking for:

bind_anon_dn  allows  unauthenticated (anonymous) bind when  DN  is  not 
empty.

Which allows one to bind anonymously rather than as a user, if the DN is 
specified.

I.e., if using ldapsearch, ldapsearch -D DN without a -W or -w would allow 
the bind to occur as an anonymous connection.

Hope that helps.

Regards,
Quanah


--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>

Prev by Date: (ITS#8551) allow bind_anon_cred in slapd.conf does not work
Next by Date: (ITS#8552) Strange behaviour of attribute using password policy overlay
Index(es):
- Chronological
- Thread