[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Re: (ITS#8546) "allow bind_anon_cred" in slapd.conf does not work as expected
This is a multi-part message in MIME format.
------=_001_NextPart714452840021_=----
Content-Type: text/plain;
charset="ISO-8859-1"
Content-Transfer-Encoding: base64
SGVsbG8gUXVhbmFoDQpJIGFtIGZpbmUgdG8gY2xvc2UgdGhpcyBJVFMuDQoNCkluIHRoaXMgY2Fz
ZSwgSSBvd2UgeW91IGEgJ1RoYW5rcycgZm9yIHJlc29sdmluZyB0aGUgaXNzdWUgaW4gbXkgcHJv
amVjdC4NCkJ1dCB0aGUgdXNlciBleHBlcmllbmNlIGlzIHBvb3IuDQpGcm9tIHRoZSBjdXN0b21l
cidzIHBvaW50IG9mIHZpZXcsIGl0IGlzIGhhcmQgdG8gZGV0ZXJtaW5lIGEgYnVnIG9yIGEgbWlz
dW5kZXJzdGFuZGluZyB3aGVuIHRoZSByZXN1bHQgaXMgdW5leHBlY3RlZC4gDQoNCkJlc3RzLA0K
DQoNCg0KDQp5ZWxpbkB2ZW51c3RlY2guY29tLmNuDQogDQpGcm9tOiBRdWFuYWggR2lic29uLU1v
dW50DQpEYXRlOiAyMDE3LTAzLTIyIDIzOjI2DQpUbzogeWVsaW47IG9wZW5sZGFwLWl0cw0KU3Vi
amVjdDogUmU6IChJVFMjODU0NikgImFsbG93IGJpbmRfYW5vbl9jcmVkIiBpbiBzbGFwZC5jb25m
IGRvZXMgbm90IHdvcmsgYXMgZXhwZWN0ZWQNCkhlbGxvIFllbGluLA0KIA0KVGhlIElUUyBzeXN0
ZW0gaXMgZm9yIGZpbGluZyBidWcgcmVwb3J0cywgbm90IGZvciBhc2tpbmcgaGVscCB3aXRoIHNs
YXBkIA0KY29uZmlndXJhdGlvbi4gIFRoZSBjb3JyZWN0IHJlc291cmNlIGZvciBjb25maWd1cmF0
aW9uIHF1ZXN0aW9ucyBpcyB0aGUgDQpvcGVubGRhcC10ZWNobmljYWwgbGlzdDoNCiANCjxodHRw
Oi8vd3d3Lm9wZW5sZGFwLm9yZy9saXN0cy9tbS9saXN0aW5mby9vcGVubGRhcC10ZWNobmljYWw+
DQogDQogDQpZb3VyIHVuZGVyc3RhbmRpbmcgb2YgaG93IHRoaXMgZmVhdHVyZSB3b3JrcyBpcyBp
bmNvcnJlY3QuICBBcyBub3RlZCBpbiB0aGUgDQpzbGFwZC5jb25mKDUpIG1hbiBwYWdlOg0KIA0K
YmluZF9hbm9uX2NyZWQgYWxsb3dzIGFub255bW91cyBiaW5kIHdoZW4gY3JlZGVudGlhbHMgYXJl
IG5vdCBlbXB0eSAoZS5nLiANCndoZW4gRE4gaXMgZW1wdHkpLg0KIA0KVGhlIG9wdGlvbiB5b3Ug
YXJlIGxvb2tpbmcgZm9yIGluIHlvdXIgY2FzZSBpczoNCiANCmJpbmRfYW5vbl9kbiAgYWxsb3dz
IHVuYXV0aGVudGljYXRlZCAoYW5vbnltb3VzKSBiaW5kIHdoZW4gRE4gaXMgbm90IGVtcHR5Lg0K
IA0KVGhpcyBJVFMgd2lsbCBiZSBjbG9zZWQuDQogDQpSZWdhcmRzLA0KUXVhbmFoDQogDQotLQ0K
IA0KUXVhbmFoIEdpYnNvbi1Nb3VudA0KUHJvZHVjdCBBcmNoaXRlY3QNClN5bWFzIENvcnBvcmF0
aW9uDQpQYWNrYWdlZCwgY2VydGlmaWVkLCBhbmQgc3VwcG9ydGVkIExEQVAgc29sdXRpb25zIHBv
d2VyZWQgYnkgT3BlbkxEQVA6DQo8aHR0cDovL3d3dy5zeW1hcy5jb20+DQogDQo=
------=_001_NextPart714452840021_=----
Content-Type: text/html;
charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
<html><head><meta http-equiv=3D"content-type" content=3D"text/html; charse=
t=3DISO-8859-1"><style>body { line-height: 1.5; }blockquote { margin-top: =
0px; margin-bottom: 0px; margin-left: 0.5em; }body { font-size: 10.5pt; fo=
nt-family: ????; color: rgb(0, 0, 0); line-height: 1.5; }</style></head><b=
ody>=0A<div><span></span>Hello <span style=3D"font-size: 10.5pt; line=
-height: 1.5; background-color: window;">Quanah</span></div><div>I am fine=
to close this ITS.</div><div><br></div><div><span style=3D"font-size: 10.=
5pt; line-height: 1.5; background-color: window;">In this case, I owe you =
a 'Thanks' for resolving the issue in my project.</span></div><div>But the=
user experience is poor.</div><div><span style=3D"font-size: 10.5pt; line=
-height: 1.5; background-color: window;">From the customer's point of view=
, it is hard to determine a bug or a misunderstanding when the result is u=
nexpected. </span></div><div><br></div><div>Bests,</div><div><br></di=
v>=0A<div><br></div><hr style=3D"width: 210px; height: 1px;" color=3D"#b5c=
4df" size=3D"1" align=3D"left">=0A<div><span><div style=3D"MARGIN: 10px; F=
ONT-FAMILY: verdana; FONT-SIZE: 10pt"><div>yelin@venustech.com.cn</div></d=
iv></span></div>=0A<blockquote style=3D"margin-top: 0px; margin-bottom: 0p=
x; margin-left: 0.5em;"><div> </div><div style=3D"border:none;border-=
top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm"><div style=3D"PADDING-R=
IGHT: 8px; PADDING-LEFT: 8px; FONT-SIZE: 12px;FONT-FAMILY:tahoma;COLOR:#00=
0000; BACKGROUND: #efefef; PADDING-BOTTOM: 8px; PADDING-TOP: 8px"><div><b>=
From:</b> <a href=3D"mailto:quanah@symas.com";>Quanah Gibson-Mount</a>=
</div><div><b>Date:</b> 2017-03-22 23:26</div><div><b>To:</b>&nb=
sp;<a href=3D"mailto:yelin@venustech.com.cn";>yelin</a>; <a href=3D"mailto:=
openldap-its@openldap.org">openldap-its</a></div><div><b>Subject:</b> =
;Re: (ITS#8546) "allow bind_anon_cred" in slapd.conf does not work as expe=
cted</div></div></div><div><div>Hello Yelin,</div>=0A<div> </div>=0A<=
div>The ITS system is for filing bug reports, not for asking help with sla=
pd </div>=0A<div>configuration. The correct resource for configurati=
on questions is the </div>=0A<div>openldap-technical list:</div>=0A<div>&n=
bsp;</div>=0A<div><http://www.openldap.org/lists/mm/listinfo/openldap-t=
echnical></div>=0A<div> </div>=0A<div> </div>=0A<div>Your und=
erstanding of how this feature works is incorrect. As noted in the <=
/div>=0A<div>slapd.conf(5) man page:</div>=0A<div> </div>=0A<div>bind=
_anon_cred allows anonymous bind when credentials are not empty (e.g. </di=
v>=0A<div>when DN is empty).</div>=0A<div> </div>=0A<div>The option y=
ou are looking for in your case is:</div>=0A<div> </div>=0A<div>bind_=
anon_dn allows unauthenticated (anonymous) bind when DN is not empty=
.</div>=0A<div> </div>=0A<div>This ITS will be closed.</div>=0A<div>&=
nbsp;</div>=0A<div>Regards,</div>=0A<div>Quanah</div>=0A<div> </div>=
=0A<div>--</div>=0A<div> </div>=0A<div>Quanah Gibson-Mount</div>=0A<d=
iv>Product Architect</div>=0A<div>Symas Corporation</div>=0A<div>Packaged,=
certified, and supported LDAP solutions powered by OpenLDAP:</div>=0A<div=
><http://www.symas.com></div>=0A<div> </div>=0A</div></blockquo=
te>=0A</body></html>
------=_001_NextPart714452840021_=------