Mark Wilcox wrote:
LDAP
requires you to bind before any operation. What you need to do is setup
your ACLs up so that no anonymous access is allowed. mark
LDAP v2 requires that you bind before any operation.
With LDAPv3, it's not required.
Sending a Bind operation, doesn't fully mean authentication since you
can gain anonymous access by sending an empty DN and password.
But in this case, it's a question of ACL setup as you mentioned.
Ludovic.
-----Original
Message-----
From: Louis Simon <louis@vircom.com>
To: openldap-general@OpenLDAP.org
<openldap-general@OpenLDAP.org>
Date: Tuesday, October 26,
1999 11:31 AM
Subject: Binding
Hi, I wanted to know if there
is a way to force a bind, or not allow a search if there were no bind operation
made prior to the search. I noticed that Outlook Express and Netscape Communicator
always perform a bind before a search operation, and that is good. Now,
when I make a search with ldapsearch.exe utility, it does not go trough
the binding process and the user got access to my database without having
been authenticated. Bottom line is that I don't want
to give access to search operation without the user going trough the binding
operation. Can this be done? Louis
--
Ludovic Poitou
Sun Microsystems Inc.
Sun-Netscape Alliance - Directory Group - Grenoble - France
|