I have a setup of **OpenLDAP v2.3** which I am using for last few years. Following are the lines in `slapd.conf` for access control.
access to dn. c=IN"
by * read
access to dn.base="o=abc, c=IN"
by * none
When I do ldapsearch using anonymous bind gives me result.
For example following command gives result.
ldapsearch -x -h localhost -b "o=abc,c=IN"
Now I upgraded the OS, CentOS from 5.5 to 6.3 so the version of OpenLDAP is **OpenLDAP v2.4**. We have not changed the schema.
But now the same `ldapsearch` gives me `result: 32 No such object` error.
But it works when I added following line in access control configuration.
access to dn. c=IN"
by * read
access to dn.base="o=abc, c=IN"
by anonymous read
by * none
What can be the reason? Is there any security risk in doing so?
Thank you.