@mail.activedir.org
Sent: Thursday, September 28, 2006 11:22 PM
Subject: Re: [ActiveDir] ADAM bind Redirection with a NULL password
Tony,
I have a workshop next week with a vendor to discuss an extranet
solution. Unfortunately, LDAP auth is not going to be possible, since
] On Behalf Of [EMAIL PROTECTED]
Sent: Thursday, September 28, 2006 9:12 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] ADAM bind Redirection with a NULL password
Tony,
I have to wonder what is classified as a special circumstances, since
I
suppose they are all sort of special.
I have used
with a resultCode of
unwillingToPerform.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jef Kazimer
Sent: 29 September 2006 01:53
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] ADAM bind Redirection with a NULL password
Since there has
Sent: Friday, September 29, 2006 1:16 AM
Subject: Re: [ActiveDir] ADAM bind Redirection with a NULL password
Do try to push your vendors in the direction of standards-based federation
when federation is the solution. It is really the best way to go for that
particular class of problems
Message -
From: Eric Fleischman [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Friday, September 29, 2006 1:22 AM
Subject: RE: [ActiveDir] ADAM bind Redirection with a NULL password
I accept at least partial responsibility for the strong language. I
pushed for it as I believed
:)
Jef
- Original Message -
From: Flight, L. [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Friday, September 29, 2006 5:41 AM
Subject: RE: [ActiveDir] ADAM bind Redirection with a NULL password
Hi
This is not just an ADAM problem it's been a problem with LDAP
directories
Murray [EMAIL PROTECTED]To:
ActiveDir@mail.activedir.orgSent: Thursday, September 28, 2006 9:27 PMSubject: Re: [ActiveDir] ADAM bind Redirection with a NULL password My impression from reading the on-line documentation is that the use of
ADAM Proxy Objects and bind redirection is frowned upon anyway
this was done.
Thanks,
Jef
- Original Message -
From:
Al
Mulnick
To: ActiveDir@mail.activedir.org
Sent: Friday, September 29, 2006 9:47
AM
Subject: Re: [ActiveDir] ADAM bind
Redirection with a NULL password
Curious about your scenario here Jef. Corportate
:47
AM
Subject: Re: [ActiveDir] ADAM bind
Redirection with a NULL password
Curious about your scenario here Jef. Corportate
Spinoff:We needed to split off a portion of our users into a new
company, and anentirely new forest. To solve the issue of apps only
binding to a single NC
Since there has been talk of LDAP Authentication as of late, I figured I'd
post my issue of poorly developed applications allowing a null password to
an ADAM instance using Bind Redirection.
http://jeftek.spaces.live.com/blog/cns!F2042DC08607EF2!710.entry
I'd be curious if a bit flip to shut
above. Just setting expectations...
~Eric
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jef Kazimer
Sent: Thursday, September 28, 2006 5:53 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] ADAM bind Redirection with a NULL password
Since
.
- Original Message -
From: Jef Kazimer [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Thursday, September 28, 2006 7:53 PM
Subject: [ActiveDir] ADAM bind Redirection with a NULL password
Since there has been talk of LDAP Authentication as of late, I figured
I'd post my issue
- Original Message -
From: Eric Fleischman [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Thursday, September 28, 2006 8:48 PM
Subject: RE: [ActiveDir] ADAM bind Redirection with a NULL password
One solution would be to ACL all objects such that SELF can read them,
then have the app, after
@mail.activedir.org
Sent: Thursday, September 28, 2006 8:58 PM
Subject: Re: [ActiveDir] ADAM bind Redirection with a NULL password
It is a good article with good analysis. I do think it would be a useful
feature to have a bit to flip for simple bind to be forced to fail with
blank password, even
, instead of after when it doesn't work, but I won't :)
Jef
- Original Message -
From: Eric Fleischman [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Thursday, September 28, 2006 8:48 PM
Subject: RE: [ActiveDir] ADAM bind Redirection with a NULL password
One solution would
proxies? I've never tried.
Joe K.
- Original Message -
From: Tony Murray [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Thursday, September 28, 2006 9:27 PM
Subject: Re: [ActiveDir] ADAM bind Redirection with a NULL password
My impression from reading the on-line
I agree, the documentation is misleading. They should say that anonymous
searches aren't allowed.
Joe K.
- Original Message -
From: Jef Kazimer [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Thursday, September 28, 2006 9:24 PM
Subject: Re: [ActiveDir] ADAM bind
: [ActiveDir] ADAM bind Redirection with a NULL password
One solution would be to ACL all objects such that SELF can read them,
then have the app, after it has authenticated as the user, try and read
something on the user itself. This way you know you are in fact that
user (or someone else that has read
Murray [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Thursday, September 28, 2006 9:27 PM
Subject: Re: [ActiveDir] ADAM bind Redirection with a NULL password
My impression from reading the on-line documentation is that the use of
ADAM Proxy Objects and bind redirection is frowned upon
, 2006 10:12 PM
Subject: Re: [ActiveDir] ADAM bind Redirection with a NULL password
The problem is that this happens a lot. There are simply tons of
applications out there that don't use Windows SASL binds. It would be
nice if it wasn't this way, but that's the reality of LDAP auth,
especially
]
To: ActiveDir@mail.activedir.org
Sent: Thursday, September 28, 2006 10:57 PM
Subject: Re: [ActiveDir] ADAM bind Redirection with a NULL password
Yes, I can see that Windows SASL binds might not be universally available
;-)
Thinking about it, another problem with the SASL binds is that presumably
the ADAM
an
app
is purchased, instead of after when it doesn't work, but I won't :)
Jef
- Original Message -
From: Eric Fleischman [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Thursday, September 28, 2006 8:48 PM
Subject: RE: [ActiveDir] ADAM bind Redirection with a NULL password
One
22 matches
Mail list logo