On Mon, 2014-04-28 at 16:11 +0100, Andrew Holway wrote:
> > I realized that you probably want to disable anonymous access to LDAP. It
> > will prevent random strangers to enumerate all users in your database...
> This sounds like a bug no? anonymous access to LDAP?

Historically many Linux and Unix OSs did not authenticate to LDAP to
download POSIX info, so we allow by default to access a lot of the tree
We are in the process of changing how the permissions work in 4.0, and
will contextually close down a lot more of the tree letting the admin
more easily configure access.

So, no it is not technically a bug, but it is something you want to look
out for as an admin.


Simo Sorce * Red Hat, Inc * New York

Freeipa-users mailing list

Reply via email to