Re: "Re:Binding Directory Manager as default Bind when using SSL/TLS certificate (please help)"

Arpit Tolani <arpittolani@xxxxxxxxx> · Wed, 1 Jan 2014 18:21:41 +0530

Hello

On Mon, Dec 30, 2013 at 11:06 PM, fosiul alam <expertalert@xxxxxxxxx> wrote:

Hi Predrag

I just realized that from server itself i can do search without

providing BindDN and password.

But Cant do this from client....

example bellow from Server itself

[root@puppet-1 slapd-puppet-1]# ldapsearch -xZZZ

# extended LDIF

#

# LDAPv3

# base <dc=fosiul,dc=lan> (default) with scope subtree

# filter: (objectclass=*)

# requesting: ALL

#

# fosiul.lan

dn: dc=fosiul,dc=lan

dc: fosiul

objectClass: domain

objectClass: top

# groups, fosiul.lan

dn: ou=groups,dc=fosiul,dc=lan

ou: groups

objectClass: organizationalUnit

objectClass: top

# search result

search: 3

result: 0 Success

# numResponses: 3

# numEntries: 2

[root@puppet-1 slapd-puppet-1]#

So, looks like there is a restriction from Client anonymous search ..

May be ACI, What is the error you are getting ?

Any idea where to look at ??

Check in access logs in /var/log/dirsrv/slapd-instancename/ 

--

389 users mailing list

389-users@xxxxxxxxxxxxxxxxxxxxxxx

https://admin.fedoraproject.org/mailman/listinfo/389-users

-- 

Thanks & Regards
Arpit Tolani

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users