Enhancement #2793
LDAP anonymous access to user account entries
| Status: | CLOSED | Start date: | ||
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 100% | |
| Category: | nethserver-directory | |||
| Target version: | ~FUTURE | |||
| Resolution: | REJECTED | NEEDINFO: | No |
Description
Some LDAP clients and/or legacy environments requires anonymous bind to the LDAP accounts database.
Currently only authenticated binds over TLS/SSL are granted access to the LDAP tree.
Enable (restricted) access to anonymous binds too.
History
#1
Updated by Davide Principi about 7 years ago
WARNING
This is not easily reversible!
This command opens the LDAP to the world, (except password fields):
# perl -MNethServer::Directory -e '
$l = NethServer::Directory->new();
$l->enforceAccessDirective("by anonymous read", "*");
'
#2
Updated by Giacomo Sanchietti about 7 years ago
- Status changed from NEW to TRIAGED
- % Done changed from 0 to 20
Tested with Mozilla Thunderbird with following configurations:
- Host: ip address of the server
- Port: 389
- Base DN: ou=People,dc=example,dc=org
- On Advanced tab, make sue "Login method" is set to "Simple"
#3
Updated by Giacomo Sanchietti about 6 years ago
- Status changed from TRIAGED to CLOSED
- % Done changed from 20 to 100
- Resolution set to REJECTED
Added to documentation:
http://docs.nethserver.org/projects/nethserver-devel/en/latest/directory.html