[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Binding Problems with authentication

To: Joe Novielli <jnoviell@matrox.com>, openldap-software@OpenLDAP.org
Subject: Re: Binding Problems with authentication
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Wed, 21 Jul 1999 13:10:04 -0700
Organization: OpenLDAP <http://www.openldap.org/>
References: <4.2.0.58.19990721142655.03915bc0@coyote.matrox.com> <3795F998.50DF4974@stl.es> <4.2.0.58.19990721113001.039419c0@coyote.matrox.com> <4.2.0.58.19990721151404.038cc3d0@coyote.matrox.com>

[replied back to list to share answer with others... and the archives]

Joe Novielli wrote:
> Is that [ACL restricting anonymous reads] OK?  I don't want anonymous
> to perform searches or reading on any attribute.

Quite understandable.  However, such access controls disallows
use clients which insist on searching for the entry to bind to.
Such "friendly bind" approaches, in my opinion, are only useful
where LDAP is deployed in "friendly" environments.

Clients should just bind to DNs... leaving "friendly" DN mappings
to the server implementations...  Clients that don't allow users
to specify a bind DN are flawed.

Kurt

Follow-Ups:
- Re: Binding Problems with authentication
  - From: Jeff Clowser <jclowser@aerotek.com>
- Re: Binding Problems with authentication
  - From: Joe Novielli <jnoviell@matrox.com>
- Disabling NN Friendly Bind (Was: Binding Problems with authentication)
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- Re: Binding Problems with authentication
  - From: Joe Novielli <jnoviell@matrox.com>
- Re: Binding Problems with authentication
  - From: Julio Sánchez Fernández <j_sanchez@stl.es>
- Binding Problems with authentication
  - From: Joe Novielli <jnoviell@matrox.com>

Prev by Date: Re: Binding Problems with authentication
Next by Date: Re: Net::LDAPapi and C SDK problems
Index(es):
- Chronological
- Thread