El vie, 07-04-2006 a las 10:08 -0600, Richard Megginson escribió: > Oscar A. Valdez wrote: > > > > my FDS server's access log has entries like these: > > > > conn=3266227 fd=138 slot=138 connection from 192.168.0.100 to > > 192.168.0.2 > > conn=3266227 op=0 BIND dn="" method=128 version=3 > > conn=3266227 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="" > > conn=3266227 op=1 SRCH base="ou=People,dc=duraflex,dc=com,dc=sv" scope=1 > > filter="(&(objectClass=posixAccount)(uid=dovecot))" attrs=ALL > > conn=3266227 op=1 RESULT err=0 tag=101 nentries=0 etime=0 > > conn=3266227 op=2 SRCH base="ou=Groups,dc=duraflex,dc=com,dc=sv" scope=1 > > filter="(&(objectClass=posixGroup)(memberUid=dovecot))" > > attrs="gidNumber" > > conn=3266227 op=2 RESULT err=0 tag=101 nentries=0 etime=0 > > conn=3266227 op=-1 fd=138 closed - B1 > > > > Dovecot tries binding with an empty dn, fails, > It doesn't fail, according to the log - the result of the BIND request > is err=0 i.e. success. > In LDAP, dn="" is an anonymous BIND. So, two possible problems: > 1) Did you try that same search from the command line using ldapsearch? > Same results? > 2) Did you set up your ACIs to allow anonymous read/search/compare > access to those entries and attributes? Thanks for the answer. Why the search for a dovecot user and group? -- Oscar A. Valdez -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
