[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Mac OS X OpenLDAP allows anonymous access to all fields
- To: openldap-technical@openldap.org
- Subject: Re: Mac OS X OpenLDAP allows anonymous access to all fields
- From: "RAT" <robert3t@netzero.net>
- Date: Mon, 13 Dec 2010 17:58:21 GMT
- Content-disposition: inline
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netzero.net; s=alpha; t=1292263183; bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=; l=0; h=From:Date:To:Subject:Message-Id:Content-Type; b=ABnNqmprIkkBXIG6s9m9jfvfeAcWSWNhvT+sncH55TSgcmfHsCrEgCv9xjjy0NYyy nn04aSCAxRNfy6ENZrRs5ppwnrFeXaPrr8qOD+cPek5pYVkVUE8YdXXqWvHpYh9BP/ ePzu1rSxEVGIdWxmWw8SVY6V9szma6HsmYnlGgTo=
I have SSHA1 working, but still not comfortable with this being visible via LDAP query. http://www.openldap.org/doc/admin24/security.html What are others doing to harden the default install?
Robert Threet
http://yesistilluseperl.blogspot.com/
---------- Original Message ----------
From: "RAT" <robert3t@netzero.net>
To: openldap-technical@openldap.org
Subject: Mac OS X OpenLDAP allows anonymous access to all fields
Date: Mon, 13 Dec 2010 16:22:44 GMT
I am experimenting with authenticating users off of OpenLDAP. The default deployment from Apple seems to be (at least in my case) completely wide open. I have been trying to find a ACI to block access to the password value. Does anyone have any good resources on this or, better yet, an ACI I can apply?
Robert Threet
http://yesistilluseperl.blogspot.com/
____________________________________________________________
How to Fall Asleep?
Cambridge Researchers have developed an all natural sleep aid just for you.
http://thirdpartyoffers.netzero.net/TGL3231/4d065f00159b66954dest06duc