[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Mac OS X OpenLDAP allows anonymous access to all fields



I have SSHA1 working, but still not comfortable with this being visible via LDAP query.  http://www.openldap.org/doc/admin24/security.html  What are others doing to harden the default install?


Robert Threet
http://yesistilluseperl.blogspot.com/

---------- Original Message ----------
From: "RAT" <robert3t@netzero.net>
To: openldap-technical@openldap.org
Subject: Mac OS X OpenLDAP allows anonymous access to all fields
Date: Mon, 13 Dec 2010 16:22:44 GMT

I am experimenting with authenticating users off of OpenLDAP.  The default deployment from Apple seems to be (at least in my case) completely wide open.  I have been trying to find a ACI to block access to the password value.  Does anyone have any good resources on this or, better yet, an ACI I can apply? 


Robert Threet
http://yesistilluseperl.blogspot.com/

____________________________________________________________
How to Fall Asleep?
Cambridge Researchers have developed an all natural sleep aid just for you.
http://thirdpartyoffers.netzero.net/TGL3231/4d065f00159b66954dest06duc