[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Why can I bind twice w & w/o a password?

Thomas Gagné wrote:

I created a user, cn=Thomas Gagne,dc=home,dc=lan, and gave him a password of "homelife". I can successfully bind with and without a password. I was looking at the output from ethereal and the responses to successive bind requests (both with and without passwords) are success! Why would that be?

Why is that?


Non-authenticated users *must* be able to bind so that they can
authenticate themselves. If non-authenticated users can't bind,
you get a chicken and egg situation which effectively renders
your ldap useless.