Create an ldif file like this: =============== dn:dc=example,dc=com changetype: modify replace: aci aci: (target ="ldap:///dc=example,dc=com";)(targetattr="*")(version 3.0; acl "Deny anonymous access"; deny (read, search, compare) userdn="ldap:///anyone";;) =============== Then run ldapmodify command: ./ldapmodify -h <HostName> -p <Port> -D "cn=Directory Manager" -w <Directory Manager password> -cvf <path to ldif file> This should disable anonymous binding. Cheers, Ankur Tony <pthagonal at gmail.com> wrote: Hi, I'm very new to FDS, but I have succeeeded in getting it up and running on top of CentOS 4.4, and have populated it with a basic list of users and their details. I've even got SSL working properly. Now I'd like to open port 636 to the outside world to let my users see the address list etc while they are outside the LAN. However I don't want anyone to bind anonymously to then pull out all the staff details - emails, phone numbers etc - so I'd like to prevent anonymous binds and make sure that all users authenticate before being allowed to access the data. Could some kind person point me at the docs/info in order to do that? I did find the "Require Client Authentication" check box but I believe that is something else - or am I wrong? -- Cheers, Tony -- Fedora-directory-users mailing list Fedora-directory-users at redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users --------------------------------- Yahoo! oneSearch: Finally, mobile search that gives answers, not web links. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20070514/94bbee29/attachment.html
