[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Why can I bind twice w & w/o a password?

To: openldap list <openldap-software@OpenLDAP.org>
Subject: Re: Why can I bind twice w & w/o a password?
From: Zenon Panoussis <openldaplists@provocation.net>
Date: Wed, 03 Mar 2004 11:16:39 +0100
In-reply-to: <4045582B.6090105@wideopenwest.com>
References: <4045582B.6090105@wideopenwest.com>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040126


Thomas Gagné wrote:

I created a user, cn=Thomas Gagne,dc=home,dc=lan, and gave him a password of "homelife". I can successfully bind with and without a password. I was looking at the output from ethereal and the responses to successive bind requests (both with and without passwords) are success! Why would that be?

Why is that?

ACLs?

Non-authenticated users *must* be able to bind so that they can
authenticate themselves. If non-authenticated users can't bind,
you get a chicken and egg situation which effectively renders
your ldap useless.

References:
- Why can I bind twice w & w/o a password?
  - From: Thomas Gagné <tgagne@wideopenwest.com>

Prev by Date: OU Structure
Next by Date: Re: stuck with back-sql
Index(es):
- Chronological
- Thread