So annonymous bind should be disabled

can you try ldapsearch without any login information?


On 16.11.2016 19:01, dan.finkelst...@high5games.com wrote:

I'm on FreeIPA 4.x

id:image001.jpg@01D1C26F.0E28FA60 <http://www.high5games.com/>

*Daniel Alex Finkelstein*| Lead Dev Ops Engineer

_dan.finkelst...@h5g.com <mailto:dan.finkelst...@h5g.com>_ | 212.604.3447

One World Trade Center, New York, NY 10007

www.high5games.com <http://www.high5games.com/>

Play High 5 Casino <https://apps.facebook.com/highfivecasino/> and Shake the Sky <https://apps.facebook.com/shakethesky/>

Follow us on: Facebook <http://www.facebook.com/high5games>, Twitter <https://twitter.com/High5Games>, YouTube <http://www.youtube.com/High5Games>, Linkedin <http://www.linkedin.com/company/1072533?trk=tyah>

//

/This message and any attachments may contain confidential or privileged information and are only for the use of the intended recipient of this message. If you are not the intended recipient, please notify the sender by return email, and delete or destroy this and all copies of this message and all attachments. Any unauthorized disclosure, use, distribution, or reproduction of this message or any attachments is prohibited and may be unlawful./

*From: *Martin Basti <mba...@redhat.com>
*Date: *Wednesday, November 16, 2016 at 12:47
*To: *Dan Finkelstein <dan.finkelst...@high5games.com>, "freeipa-users@redhat.com" <freeipa-users@redhat.com>
*Subject: *Re: [Freeipa-users] Disabling Anonymous Binds (LDAP)

On 16.11.2016 17:46, dan.finkelst...@high5games.com <mailto:dan.finkelst...@high5games.com> wrote:

    I've seen some discussion in the (distant) past about disabling
    anonymous binds to the LDAP component of IPA, and I'm wondering if
    there's a preferred method to do it. Further, are there any known
    problems with disabling anonymous binds when using FreeIPA? The
    only modern documentation I can find is here:
    
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/disabling-anon-binds.html,
    and I'm curious if FreeIPA has a different way.

    Thanks,

    Dan

    <http://www.high5games.com/>

    *Daniel Alex Finkelstein*| Lead Dev Ops Engineer

    _dan.finkelst...@h5g.com <mailto:dan.finkelst...@h5g.com>_ |
    212.604.3447

    One World Trade Center, New York, NY 10007

    www.high5games.com <http://www.high5games.com/>

    Play High 5 Casino <https://apps.facebook.com/highfivecasino/> and
    Shake the Sky <https://apps.facebook.com/shakethesky/>

    Follow us on: Facebook <http://www.facebook.com/high5games>,
    Twitter <https://twitter.com/High5Games>, YouTube
    <http://www.youtube.com/High5Games>, Linkedin
    <http://www.linkedin.com/company/1072533?trk=tyah>

    //

    /This message and any attachments may contain confidential or
    privileged information and are only for the use of the intended
    recipient of this message. If you are not the intended recipient,
    please notify the sender by return email, and delete or destroy
    this and all copies of this message and all attachments. Any
    unauthorized disclosure, use, distribution, or reproduction of
    this message or any attachments is prohibited and may be unlawful./



It depends on your FreeIPA version, 3.x is explained in link you posted, 4.x has a permission for this.

Sa what is your freeIPA version?

Martin


-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to