[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Binding Problems with authentication



[replied back to list to share answer with others... and the archives]

Joe Novielli wrote:
> Is that [ACL restricting anonymous reads] OK?  I don't want anonymous
> to perform searches or reading on any attribute.

Quite understandable.  However, such access controls disallows
use clients which insist on searching for the entry to bind to.
Such "friendly bind" approaches, in my opinion, are only useful
where LDAP is deployed in "friendly" environments.

Clients should just bind to DNs... leaving "friendly" DN mappings
to the server implementations...  Clients that don't allow users
to specify a bind DN are flawed.

Kurt