[Fedora-directory-users] disable anonymous binding
George Holbert
gholbert at broadcom.com
Mon May 14 22:19:04 UTC 2007
You will want to set up ACIs to allow the minimum necessary access.
See:
http://www.redhat.com/docs/manuals/dir-server/ag/7.1/acl.html
Be prepared for some trial-and-error experimentation to learn how to
implement your intended access policy.
Good luck!
-- George
Tony wrote:
> Hi,
>
> I'm very new to FDS, but I have succeeeded in getting it up and
> running on top of CentOS 4.4, and have populated it with a basic list
> of users and their details. I've even got SSL working properly. Now
> I'd like to open port 636 to the outside world to let my users see the
> address list etc while they are outside the LAN. However I don't want
> anyone to bind anonymously to then pull out all the staff details -
> emails, phone numbers etc - so I'd like to prevent anonymous binds and
> make sure that all users authenticate before being allowed to access
> the data.
>
> Could some kind person point me at the docs/info in order to do that?
> I did find the "Require Client Authentication" check box but I believe
> that is something else - or am I wrong?
>
More information about the Fedora-directory-users
mailing list