[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: BIND with empty password

tor, 2002-11-21 kl. 18:40 skrev marc.bigler@day.com:

> I've remarked that when I BIND to an ldap server and enter an empty
> password it binds successfully, is that normal ?


>  I would like to only let
> users which are defined in ou=LDAPuser,dc=mydomain,dc=com to use LDAP, how
> can I acheive that with the access statement ? I do not want to allow any
> anonymous binds...

access to dn="dc=mydomain,dc=com"
	by * none

access to dn.children="dc=mydomain,dc=com"
	by anonymous auth
	by dn="ou=LDAPuser,dc=mydomain,dc=com" write (or read or
	by * none

access to *
	by * none

Or whatever you want.




Tony Earnshaw

When all's said and done ...
there's nothing left to say or do.

e-post:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl