Net Warrior wrote: > Thanks for the answer, but, from the query I shown, you can see that the > DIT is displayed "namingContexts: dc=domain,dc=com" and knowking that, I > can make a ldapserch -x pointing tho the server and the base search for > example and list all the domain users, isn't it a security concern? I > tested it and it works, how can I create an access list to prevent this, > disable the simple auth or disable those anonymous queries ? Knowing namingContexts or not is not a matter of security. Having decent ALCs in place to protect the entries beneath dc=domain,dc=com is. Just locking down rootDSE does not help at all. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature