Enhancement #2793
LDAP anonymous access to user account entries
| Status: | CLOSED | Start date: | |
|---|---|---|---|
| Priority: | Normal | Due date: | |
| Assignee: | - | % Done: | 100% |
| Category: | nethserver-directory | | |
| Target version: | ~FUTURE | | |
| Resolution: | REJECTED | NEEDINFO: | No |
Description
Some LDAP clients and/or legacy environments require anonymous bind to the LDAP accounts database.
Currently only authenticated binds over TLS/SSL are granted access to the LDAP tree.
Enable (restricted) access to anonymous binds too.
History
#1 Updated by Davide Principi about 7 years ago
WARNING
This is not easily reversible!
This command opens the LDAP to the world (except password fields):
# perl -MNethServer::Directory -e ' $l = NethServer::Directory->new(); $l->enforceAccessDirective("by anonymous read", "*"); '
#2 Updated by Giacomo Sanchietti about 7 years ago
- Status changed from NEW to TRIAGED
- % Done changed from 0 to 20
Tested with Mozilla Thunderbird with the following configuration:
- Host: ip address of the server
- Port: 389
- Base DN: ou=People,dc=example,dc=org
- On Advanced tab, make sure "Login method" is set to "Simple"
#3 Updated by Giacomo Sanchietti about 6 years ago
- Status changed from TRIAGED to CLOSED
- % Done changed from 20 to 100
- Resolution set to REJECTED
Added to documentation:
http://docs.nethserver.org/projects/nethserver-devel/en/latest/directory.html
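An added example (not part of the original issue or of NethServer's code) for checking the "except password fields" statement in comment #1: it parses the LDIF output of an anonymous search, such as `ldapsearch -x -H ldap://HOST -b "ou=People,dc=example,dc=org"`, and reports every entry that returns a password attribute. The sample LDIF, the `HOST` placeholder and the attribute list are constructed assumptions.

```python
import base64

# Attributes an anonymous bind must never be able to read (assumed list;
# extend it to match the schema in use).
SENSITIVE = {"userpassword", "sambantpassword", "sambalmpassword", "krbprincipalkey"}

def parse_ldif(text):
    """Return [(dn, {attr_lowercase: [values]})] from ldapsearch LDIF output."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:      # folded line continues the previous one
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    entries, dn, attrs = [], None, {}
    for line in lines + [""]:                  # trailing blank flushes the last entry
        if not line.strip():
            if dn is not None:
                entries.append((dn, attrs))
            dn, attrs = None, {}
            continue
        name, sep, value = line.partition(":")
        if line.startswith("#") or not sep:
            continue
        if value.startswith(":"):              # "attr:: <base64>"
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        else:
            value = value.strip()
        if name.lower() == "dn":
            dn = value
        elif dn is not None:                   # skips "version:", "search:", "result:"
            attrs.setdefault(name.lower(), []).append(value)
    return entries

def audit_anonymous_view(ldif_text):
    """Map each DN to the sensitive attributes the anonymous search returned."""
    findings = {}
    for dn, attrs in parse_ldif(ldif_text):
        leaked = sorted(a for a in attrs if a in SENSITIVE)
        if leaked:
            findings[dn] = leaked
    return findings

# Constructed sample: the second entry shows what a too-broad ACL would expose.
SAMPLE = ("# extended LDIF\nversion: 1\n\n"
          "dn: uid=alice,ou=People,dc=example,dc=org\nuid: alice\nmail: alice@example.org\n\n"
          "dn: uid=bob,ou=People,dc=example,dc=org\ncn:: Qm9iIEV4YW1wbGU=\n"
          "userPassword:: e1NTSEF9Y29uc3RydWN0ZWQ=\n\n"
          "# search result\nsearch: 2\nresult: 0 Success\n")

if __name__ == "__main__":
    print(audit_anonymous_view(SAMPLE))
```

An empty result means the anonymous view returned no attribute from the list; any DN in the result points at an access rule that needs tightening.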