[Fedora-directory-users] Authenticate before querying ldap.
Chun Tat David Chu
beyonddc.storage at gmail.com
Thu Jan 24 21:33:39 UTC 2008
Please correct me if I'm wrong. I thought the easiest way to disable
anonymous access is to remove the default anonymous access ACI or modify the
ACI from "ldap:///anyone" to "ldap:///all" so that only authenticated user
can access to the directory.
- David
On Jan 24, 2008 10:03 AM, Ivan Ferreira <iferreir at personal.com.py> wrote:
> One way will be by modifying the ACIs to do not allow anonymous read
> access
> to attributes.
>
> Not sure if there is an "easy way" to disable anonymous access to the
> directory in the Console.
>
>
>
>
>
>
>
> Para
> "General discussion list for the
> Fedora Directory server
> "mallapadi niranjan" project."
> <niranjan.ashok at gmail.co <fedora-directory-users at redhat.c
> m> om>
> Enviado por: cc
> fedora-directory-users-b
> ounces at redhat.com Asunto
> Re: [Fedora-directory-users]
> 24/01/2008 11:57 a.m. Authenticate before querying
> ldap.
> Clasificación
> Uso Interno
> Por favor, responda a
> "General discussion list
> for the Fedora Directory
> server project."
> <fedora-directory-users@
> redhat.com>
>
>
>
>
>
>
>
>
> On Jan 24, 2008 4:37 PM, <shivaraj.shivanna at wipro.com> wrote:
> Hi,
> Our organization has an AD server running which requires you to bind
> to it first before querying the server.
>
> For example commands like
> ldapsearch -x -h "some ip" "(cn=abcd)" -b "some base" would fail
> with LdapErr: DSID-0C090627, comment: In order to perform this
> operation a successful bind must be completed on the connection.
> but commands like
> ldapsearch -x -h "some ip" "(cn=abcd)" -b "some base" -D "some
> user dn" -W would work on entering correct password.
>
> How can we replicate this behavior with the fedora directory server ?
>
> through access control lists, you can disable anonymous access and
> specify
> authorization
>
> You can refer the below
>
> http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Access_Control-Default_ACIs.html
>
>
> http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Access_Control-Access_Control_Usage_Examples.html
>
>
>
>
> Regards,
> Shivraj
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
>
> ========================================================================================
> AVISO LEGAL: Esta información es privada y confidencial y está dirigida
> únicamente a su destinatario. Si usted no es el destinatario original de
> este mensaje y por este medio pudo acceder a dicha información por favor
> elimine el mensaje. La distribución o copia de este mensaje está
> estrictamente prohibida. Esta comunicación es sólo para propósitos de
> información y no debe ser considerada como propuesta, aceptación ni como
> una declaración de voluntad oficial de NUCLEO S.A. La transmisión de
> e-mails no garantiza que el correo electrónico sea seguro o libre de
> error.
> Por consiguiente, no manifestamos que esta información sea completa o
> precisa. Toda información está sujeta a alterarse sin previo aviso.
>
> This information is private and confidential and intended for the
> recipient only. If you are not the intended recipient of this message you
> are hereby notified that any review, dissemination, distribution or
> copying of this message is strictly prohibited. This communication is for
> information purposes only and shall not be regarded neither as a proposal,
> acceptance nor as a statement of will or official statement from NUCLEO
> S.A. . Email transmission cannot be guaranteed to be secure or error-free.
> Therefore, we do not represent that this information is complete or
> accurate and it should not be relied upon as such. All information is
> subject to change without notice.
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20080124/c75be6bd/attachment.htm>
More information about the Fedora-directory-users
mailing list