> On 12 Jul 2019, at 20:15, Andry Michaelidou <andry.michaeli...@gmail.com> > wrote: > > Hello all, > > We are trying to disabe anonymous binds to our 389-DS ldap servers, but it > seems like my automount setting are not working. > Is it possible to have automount working with anonymous bind not enabled?
Yes it is possible - you'll need a service account per-host or "shared" between the machines that allows them to read. This document has more https://docs.oracle.com/cd/E52668_01/E54669/html/ol7-cliautofs-ldap.html See the section on autofs_ldap_auth.conf. Saying this, I think that if you have a "shared" account between the machines enabling autofs to work, that's basically the same as anonymous because you have a massively shared account with no privileges. IMO disabling anonymous is not an improvement in security, because you end up with a much more complex system to administer. Hope that helps, > > Thank you in advance, > Andry Michaelidou > University of Cyprus > _______________________________________________ > 389-users mailing list -- 389-users@lists.fedoraproject.org > To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org — Sincerely, William Brown Senior Software Engineer, 389 Directory Server SUSE Labs _______________________________________________ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
