[Date Prev][Date Next] [Chronological] [Thread] [Top]

Without password - just a browseable list, no authentication



LS,

Is it possible to access a openldap database for search purposes only - without asking the users for a password. My application is basically yellowpages.

My slapd.conf looks like this:

include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/misc.schema
include /usr/local/etc/openldap/schema/openldap.schema
#include /usr/local/etc/openldap/schema/nis.schema
#include /usr/local/etc/openldap/schema/redhat/rfc822-MailMember.schema
#include /usr/local/etc/openldap/schema/redhat/autofs.schema
#include /usr/local/etc/openldap/schema/redhat/kerberosobject.schema


pidfile         /var/run/slapd.pid
argsfile        /var/run/slapd.args

#replogfile     /var/lib/ldap/master-slapd.replog

# Load dynamic backend modules:
#modulepath     /usr/sbin/openldap
#moduleload     back_ldap.la
#moduleload     back_ldbm.la
#moduleload     back_passwd.la
#moduleload     back_shell.la

access to *
       by self write
      by users read
#
# if no access controls are present, the default is:
       Allow read by all
#
# rootdn can always write!

#######################################################################
# ldbm database definitions
#######################################################################

database        ldbm
suffix          "dc=#######,dc=nl"
rootdn          "cn=root,dc=####,dc=nl"
rootpw          {SSHA}#################
directory       /var/lib/ldap
index           cn,mail,surname,givenname eq,subinitial

I can load the database with slapadd
I can slapcat the database
I cannot search the database with ldapseach
I cannot search the database from for instance mozilla

openldap 2.16
berkleyDB-4.1
I compiled with cyrus_sasl and tls.
I tried pam_ldap
I looked at the security with ldap document.

This is one very difficult package to get going.....

Best regards,

Antoine Maartens