[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: non-anonymous referrral

There is nothing in slapd(8) that controls whether or not
a client chasing a referral does authenticates to the referred
to server, and if so, how.  It's purely a client issue.

OpenLDAP distributed clients always chase referrals anonymously.


At 12:34 AM 4/18/2005, Narayanamoorthy wrote:
>Hi List,
>  I am using OpenLdap 2.2.13 in FC 3. We need to setup the following scenario.
>One master server and one slave server.
>BaseDN of master is example.com and slave is mumbai.example.com. 
>We are using referral in slave server's slapd.conf file to refer master's record.
>I am able to query slave's record from master and master's record from slave
>if anonymous bind is enabled.
>I am disabling anonymous bind in both servers by "disallow bind_anon". After
>disabling anonymous bind, I am not able to query master's record from slave
>The slave server is trying to refer master server as anonymous user and since
>anonymous is disabled in master server it is rejecting the request.
>Is the anyway to specify while referring bind as particular user? or any other
>alternative method.
>The following is the log from Master server
>Apr 18 13:04:04 murali slapd[7545]: conn=0 fd=13 ACCEPT from
>IP= (IP=
>Apr 18 13:04:04 murali slapd[7545]: conn=0 op=0 BIND dn="" method=128
>Apr 18 13:04:04 murali slapd[7545]: conn=0 op=0 RESULT tag=97 err=48
>text=anonymous bind disallowed
>Apr 18 13:04:04 murali slapd[7545]: conn=0 fd=13 closed