RE: using pam binddn/bindpw w/slapd anonymous access disallowed
- To: Gene Sohn <firstname.lastname@example.org>
- Subject: RE: using pam binddn/bindpw w/slapd anonymous access disallowed
- From: Greg Matthews <email@example.com>
- Date: 01 Jul 2003 09:24:17 +0100
- Cc: openldap-software@OpenLDAP.org
- In-reply-to: <KNEHLPPBIIHJNBHICFEMCEFLDCAA.firstname.lastname@example.org>
- Organization: iTSS
- References: <KNEHLPPBIIHJNBHICFEMCEFLDCAA.email@example.com>
Try using rootbinddn and putting the password in /etc/ldap.secret or
wherever pam_ldap/nss_ldap was configured to find it. I *think* that
pam_ldap is 'effective user root' and so needs this for binding rather
than the general binddn.

I'm sure someone on this list will let you know if I'm wrong about this.

On Mon, 2003-06-30 at 20:25, Gene Sohn wrote:
> Hi Greg,
> Thanks for the reply!
> I don't believe this is an issue for me as I don't believe autofs
> participates in the pipeline of calls I'm troubleshooting. Simply put, I'm
> trying to get pam_ldap to pass binddn and bindpw to the ldap server for
> login/authentication calls so that pam uses a non-anonymous user to get
> password information. This way I can secure anonymous access to the LDAP
> In fact, if I decide not to care about this issue, my setup works. I just
> happen to care about security in this case, since I want to be able to query
> my ldap server directly if need be from anywhere.
iTSS Wallingford 01491 692445
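
Added example, not part of the original thread or of pam_ldap itself: a small audit of where the bind password is stored when anonymous access is disabled, covering the binddn/bindpw and rootbinddn/ldap.secret setups discussed above. The function names and the file paths passed as arguments are assumptions, since the real locations depend on how pam_ldap/nss_ldap was built.

```shell
#!/bin/sh
# Added example: audit pam_ldap/nss_ldap bind-credential storage.
# Usage: audit_ldap_creds /etc/ldap.conf /etc/ldap.secret   (paths are assumptions)

# perm_string FILE -> prints the 9 permission characters, e.g. rw-r--r--
perm_string() {
    ls -ld "$1" | cut -c2-10
}

# audit_ldap_creds CONF SECRET
# Prints one finding per line; returns 0 if clean, 1 if anything was found.
audit_ldap_creds() {
    conf=$1; secret=$2; rc=0

    if [ -f "$conf" ]; then
        perms=$(perm_string "$conf")
        # A bindpw directive in a file that "other" can read exposes the
        # password to every local user.
        if grep -Eiq '^[[:space:]]*bindpw[[:space:]]' "$conf" &&
           [ "$(printf '%s\n' "$perms" | cut -c7)" = "r" ]; then
            echo "FINDING: $conf is world-readable and contains bindpw"
            rc=1
        fi
        # rootbinddn without its secret file leaves no password to bind with.
        if grep -Eiq '^[[:space:]]*rootbinddn[[:space:]]' "$conf" &&
           [ ! -f "$secret" ]; then
            echo "FINDING: rootbinddn is set but $secret is missing"
            rc=1
        fi
    fi

    if [ -f "$secret" ]; then
        # Group and other permission characters must all be '-' (0600 or stricter).
        if [ "$(perm_string "$secret" | cut -c4-9)" != "------" ]; then
            echo "FINDING: $secret is accessible to group or others"
            rc=1
        fi
    fi
    return $rc
}
```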