
Re: non-anonymous referral



There is nothing in slapd(8) that controls whether or not
a client chasing a referral authenticates to the referred-to
server, and if so, how.  It's purely a client issue.

OpenLDAP distributed clients always chase referrals anonymously.

Kurt

At 12:34 AM 4/18/2005, Narayanamoorthy wrote:
>Hi List,
>  I am using OpenLDAP 2.2.13 in FC 3. We need to set up the following scenario.
>
>One master server and one slave server.
>
>BaseDN of master is example.com and slave is mumbai.example.com. 
>
>We are using referral in slave server's slapd.conf file to refer master's record.
>
>I am able to query slave's record from master and master's record from slave
>if anonymous bind is enabled.
>
>I am disabling anonymous bind in both servers by "disallow bind_anon". After
>disabling anonymous bind, I am not able to query master's record from slave
>server.
>
>The slave server is trying to refer master server as anonymous user and since
>anonymous is disabled in master server it is rejecting the request.
>
>Is there any way to specify, while referring, to bind as a particular user? Or any other
>alternative method?
>
>The following is the log from Master server
>
>Apr 18 13:04:04 murali slapd[7545]: conn=0 fd=13 ACCEPT from
>IP=192.168.1.215:32929 (IP=0.0.0.0:636)
>Apr 18 13:04:04 murali slapd[7545]: conn=0 op=0 BIND dn="" method=128
>Apr 18 13:04:04 murali slapd[7545]: conn=0 op=0 RESULT tag=97 err=48
>text=anonymous bind disallowed
>Apr 18 13:04:04 murali slapd[7545]: conn=0 fd=13 closed
>
>TIA
>Moorthy
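
An added example, not part of either message above: a small parser that counts anonymous binds refused with err=48 per client address, the pattern a referral-chasing client leaves on a server running "disallow bind_anon". The log lines are constructed in the same slapd syslog format as the quoted ones (unwrapped, one entry per line, IPv4 peers assumed); the host name and addresses are placeholders.

```python
import re
from collections import defaultdict

# Constructed sample in the slapd syslog format quoted above (not real logs).
SAMPLE_LOG = """\
Apr 18 13:04:04 ldap1 slapd[7545]: conn=0 fd=13 ACCEPT from IP=192.0.2.15:32929 (IP=0.0.0.0:636)
Apr 18 13:04:04 ldap1 slapd[7545]: conn=0 op=0 BIND dn="" method=128
Apr 18 13:04:04 ldap1 slapd[7545]: conn=0 op=0 RESULT tag=97 err=48 text=anonymous bind disallowed
Apr 18 13:04:04 ldap1 slapd[7545]: conn=0 fd=13 closed
Apr 18 13:05:10 ldap1 slapd[7545]: conn=1 fd=14 ACCEPT from IP=192.0.2.20:40112 (IP=0.0.0.0:636)
Apr 18 13:05:10 ldap1 slapd[7545]: conn=1 op=0 BIND dn="cn=app,dc=example,dc=com" method=128
Apr 18 13:05:10 ldap1 slapd[7545]: conn=1 op=0 RESULT tag=97 err=0 text=
Apr 18 13:06:00 ldap1 slapd[7545]: conn=2 fd=15 ACCEPT from IP=192.0.2.15:32931 (IP=0.0.0.0:636)
Apr 18 13:06:00 ldap1 slapd[7545]: conn=2 op=0 BIND dn="" method=128
Apr 18 13:06:00 ldap1 slapd[7545]: conn=2 op=0 RESULT tag=97 err=48 text=anonymous bind disallowed
"""

ACCEPT = re.compile(r"conn=(\d+) fd=\d+ ACCEPT from IP=([^:\s]+):\d+")
BIND = re.compile(r'conn=(\d+) op=(\d+) BIND dn="([^"]*)"')
RESULT = re.compile(r"conn=(\d+) op=(\d+) RESULT tag=97 err=(\d+)")


def rejected_anonymous_binds(log_text):
    """Return {client_ip: count} of anonymous binds refused with err=48."""
    peer = {}          # conn id -> client IP taken from the ACCEPT line
    anon_ops = set()   # (conn, op) pairs whose BIND carried an empty DN
    counts = defaultdict(int)
    for line in log_text.splitlines():
        if m := ACCEPT.search(line):
            peer[m.group(1)] = m.group(2)
        elif m := BIND.search(line):
            if m.group(3) == "":
                anon_ops.add((m.group(1), m.group(2)))
        elif m := RESULT.search(line):
            conn, op, err = m.groups()
            # tag=97 is the bind response; 48 is inappropriateAuthentication
            if err == "48" and (conn, op) in anon_ops:
                counts[peer.get(conn, "unknown")] += 1
    return dict(counts)


if __name__ == "__main__":
    for ip, n in rejected_anonymous_binds(SAMPLE_LOG).items():
        print(f"{ip}: {n} anonymous bind(s) rejected")
```

An address that shows up here repeatedly and belongs to a known LDAP client host is a candidate for a client that follows referrals without rebinding.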