Maybe.
I will be using an anonymous (NULL basdn and password) connection for my LDAP patch
initially.
Are your automount maps confidential. What is the need to password protect them.
The only question is will a bind with NULL basedn and password work with LDAP v2 and
v3 in general as well as OpenLDAP 2.0 and OpenLDAP 2.1?
-----Original Message-----
From: Jehan PROCACCIA [SMTP:[EMAIL PROTECTED]
Sent: Tuesday, July 22, 2003 3:14 PM
To: Kent, Ian I.
Cc: [EMAIL PROTECTED]
Subject: Re: [autofs] autofs and openldap2.1
it is already in a config file for pam/nss ldap; in /etc/ldap.conf
if autofs could actually use that file to retrieve binddn/password that
would be fine .
Kent, Ian I. wrote:
>
> But the password would need to be specified in a config. somewhere.
> How would you read master maps?
>
> -----Original Message-----
> From: Jehan PROCACCIA [SMTP:[EMAIL PROTECTED]
> Sent: Monday, July 21, 2003 3:47 PM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: Re: [autofs] autofs and openldap2.1
>
> A workaround is adding this to slapd.conf:
>
> # The next line allows LDAPv2 bind requests, which are disabled by
default.
> allow bind_v2 bind_anon_dn
>
>
> However, that would be fine to have an autofs patch with something
that
> allow to use a binddn/bindpassword pair instead of anonymous bind !
>
> [EMAIL PROTECTED] wrote:
> > Hello,
> >
> > I'm looking into upgrading my ldap server to 2.1.
> > In 2.1 of openldap they no longer allow you to bind to a DN w/ a null
> > password and get anon access (you need to use a null DN as well):
> >
> > sjh% ldapsearch -x -h server -D ou=People,dc=foo,dc=com -W uid=sjh
> > Enter LDAP Password:
> > ldap_bind: DSA is unwilling to perform
> > additional info: unauthenticated bind (DN with no password)
disallowed
> >
> > autofs binds in this way: (lookup_ldap.c line 96)
> > /* Connect to the server as an anonymous user. */
> > rv = ldap_simple_bind_s(ldap, ctxt->base, NULL);
> >
> > Is this done for a reason, or is it historical?
> >
> >
> > -Seth
> > _______________________________________________
> > autofs mailing list
> > [EMAIL PROTECTED]
> > http://linux.kernel.org/mailman/listinfo/autofs
>
>
>
> --
> Jehan Procaccia | Ingenieur Systemes & Reseaux
> Institut National des Telecommunications| Tel : +33 (0) 160764436
> MCI, Moyens Communs Informatiques | Mail: [EMAIL PROTECTED]
> 9 rue Charles Fourier 91011 Evry France | Fax : +33 (0) 160764321
>
> _______________________________________________
> autofs mailing list
> [EMAIL PROTECTED]
> http://linux.kernel.org/mailman/listinfo/autofs
>
> _______________________________________________
> autofs mailing list
> [EMAIL PROTECTED]
> http://linux.kernel.org/mailman/listinfo/autofs
--
Jehan Procaccia | Ingenieur Systemes & Reseaux
Institut National des Telecommunications| Tel : +33 (0) 160764436
MCI, Moyens Communs Informatiques | Mail: [EMAIL PROTECTED]
9 rue Charles Fourier 91011 Evry France | Fax : +33 (0) 160764321
_______________________________________________
autofs mailing list
[EMAIL PROTECTED]
http://linux.kernel.org/mailman/listinfo/autofs
