Bind as an authenticated user for fetching directory information
- To: openldap-technical@openldap.org
- Subject: Bind as an authenticated user for fetching directory information
- From: Jayavant Patil <jayavant.patil82@gmail.com>
- Date: Wed, 14 Dec 2011 12:43:11 +0530
Hi,
I am using openldap-2.4.19-4.x86_64 on a Fedora 12 machine. On the client node, in the /etc/ldap.conf file, we specify binddn and bindpw. If they are not specified, the request will be anonymous. I have more than 500 users on each client machine. I want to send the request to the server as an authenticated user, but there are 500+ users. How, then, do I specify this in binddn and bindpw? I don't want to specify 'root' (admin) in binddn and bindpw. I have rootbinddn as root's DN and his password in /etc/ldap.secret (mode 600).
As said earlier, the anonymous request is creating the 'I have no name!' problem while doing $ ssh <user>@client, since I have given the anonymous user auth access. If I specify anonymous read access, the 'I have no name!' problem disappears, but security is compromised. I think there is no problem with the nscd daemon, since even when it is stopped, or even when I uninstalled it, the problem still persists.
--
Thanks & Regards,
Jayavant Ningoji Patil
Engineer: System Software
Computational Research Laboratories Ltd.
Pune-411 004.
Maharashtra, India.
+91 9923536030.