[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authenticating clients

To: bluethundr@gmail.com, openldap-technical@openldap.org
Subject: Re: Authenticating clients
From: Quanah Gibson-Mount <quanah@zimbra.com>
Date: Thu, 24 Dec 2015 16:04:04 -0800
Content-disposition: inline
Dkim-filter: OpenDKIM Filter v2.9.3 edge01.zimbra.com 1ECCD44245
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zimbra.com; s=C2AA288C-EE47-11E2-9BB0-E820BDD9BDBF; t=1451001850; bh=ZBs8RCPvI3FqzDMRJAsRatNPNIPGa54yxkEcav8dOV8=; h=Date:From:To:Message-ID:MIME-Version; b=C2XtW47vf1b//J6lO02lfIQc+oL7JG2fBeSpC+BF7UdT2gDQtj5g2bWkuqDZTIlnJ 0hCp1SzIgPTK4F419Ab3/9e03qUyhh2hhtwfYyCu7ZtZ+lzqaLLgkOs5TE4fDZAEJy Sz3ePxg4oE3vjV015zYR718t81O2skZMNUy/SQxw=
In-reply-to: <0B2BCA9B-C69C-496C-85A8-65ADF9FA4DC6@gmail.com>
References: <0B2BCA9B-C69C-496C-85A8-65ADF9FA4DC6@gmail.com>

--On Thursday, December 24, 2015 4:35 PM -0500 bluethundr@gmail.com wrote:

Hey guys,

I've recently disabled anonymous binds and required TLS on my OpenLDAP
sever in order to log in.

Do you mean you disabled simple binds using anonymous auth? If so, thenyou'll have to configure an alternative method to bind, like SASL/EXTERNAL,etc.

Back when I was testing and anonymous binds were enabled and TLS was off
I could get LDAP accounts to login to the servers. And using a simple
tool like "authconfig-tui" under CentOS was all I needed to use to set
that up.


I believe that tool uses simple binds.

Where can I find the docs to configure a client server to allow LDAP
account logins with anonymous binds disabled and TLS required on the
OpenLDAP server?


My guess is you are confusing anonymous auth with anonymous binds.

--Quanah


--

Quanah Gibson-Mount
Platform Architect
Zimbra, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration

References:
- Authenticating clients
  - From: bluethundr@gmail.com

Prev by Date: Authenticating clients
Next by Date: lmdb Handle Leak with VL32 on Windows
Index(es):
- Chronological
- Thread