I agree, the documentation is misleading. They should say that anonymous
searches aren't allowed.
Joe K.
----- Original Message -----
From: "Jef Kazimer" <[EMAIL PROTECTED]>
To: <ActiveDir@mail.activedir.org>
Sent: Thursday, September 28, 2006 9:24 PM
Subject: Re: [ActiveDir] ADAM bind Redirection with a NULL password
Joe,
I forgot to mention on the article (Which I updated):
-----------------------------
I forgot to mention, I had thought to myself "Did I somehow enable
anonymous binds and forget?", since part of the design was to not-allow
anonymous. I did check the config entry as outlined in the ADAM FAQ:
ADAM does not accept anonymous bind requests by default. To enable
anonymous LDAP operations in ADAM, you must set the seventh character of
the dsHeuristics value to 2.
This indeed was set to NOT allow anonymous binds, which based on the
wording I would assume mean that anonymous binds would be rejected. In
actuality, an anonymous bind is a SUCCESS, but you can't enumerate the
directory structure from that point on. Perhaps the wording should be
changed to reflect this?
--------------------
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
