[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Possible to have blank passwords?
Luke Howard wrote:
>
> userPassword: {crypt}
>
> should do it. I'm not sure what the deal is with OpenLDAP regarding
> this, but I know that ypldapd doesn't handle this properly. :-)
>
> -- Luke
One problem is the RFC 2251 says that a zero-length password sent in an
LDAP bind request should mean "anonymous auth." I am not sure what to
do for those people who want zero-length passwords to mean "let me in
without a password" (the UNIX tradition). I assume ypldapd does an LDAP
compare operation or retrieves the userPassword and does the password
check itself or ?
--
Mark Smith
Directory Architect / Sun-Netscape Alliance
My words are my own, not my employer's. Got LDAP?