
 

KB Article # 7744

Topic/Category: LDAP

Issue: If you use LDAP authentication and have security concerns, this article shows how to disable anonymous access to the OpenLDAP directory when that access is not required.

 

Solution:

The following configuration changes disable anonymous access to the directory:

  1. Add the following line to the ‘OpenLDAP/slapd.conf’ file:
    access to * by anonymous none

 

This has been tested with the OpenLDAP 2.4 provided in Ephesoft by default.

Reference: http://www.mpipks-dresden.mpg.de/~mueller/docs/suse10.1/suselinux-manual_en/manual/sec.ldap.slapd.html

 

  2. Add the following two lines to the ‘OpenLDAP/slapd.conf’ file to explicitly deny anonymous binds and anonymous access to the directory information:
    disallow bind_anon
    
    require authc

 

Reference: http://www.openldap.org/doc/admin23/security.html
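
A check for the settings above, as an added example that is not part of the original article or of Ephesoft's tooling: it audits the text of a slapd.conf for `disallow bind_anon`, `require authc` and any `access` rule that still grants anonymous more than `auth`. The sample fragments and function names are constructed for illustration; slapd.conf treats a line that begins with whitespace as a continuation of the previous line, so each directive must start in the first column, which the first sample gets wrong.

```python
import re

# Constructed sample: 'require authc' is indented, so it is folded into the
# 'suffix' line as a continuation and is never seen as a directive.
SAMPLE_BAD = """\
disallow bind_anon
database bdb
suffix "dc=example,dc=com"
  require authc
access to *
    by anonymous read
    by users read
"""

# Constructed sample with both directives in column 0 and anonymous set to none.
SAMPLE_GOOD = """\
disallow bind_anon
require authc
database bdb
suffix "dc=example,dc=com"
access to *
    by anonymous none
    by users read
"""

def logical_lines(text):
    """Unwrap continuation lines first, then drop blank lines and comments."""
    lines = []
    for raw in text.splitlines():
        if raw[:1] in (" ", "\t") and lines:
            lines[-1] += " " + raw.strip()
        else:
            lines.append(raw.rstrip())
    return [l for l in lines if l.strip() and not l.startswith("#")]

def audit(text):
    """Return findings; an empty list means the article's settings are in place."""
    directives = [l.split() for l in logical_lines(text)]
    findings = []
    if not any(d[0].lower() == "disallow" and "bind_anon" in d[1:] for d in directives):
        findings.append("missing 'disallow bind_anon'")
    if not any(d[0].lower() == "require" and "authc" in d[1:] for d in directives):
        findings.append("missing 'require authc'")
    for d in directives:
        if d[0].lower() == "access":
            for who, level in re.findall(r"\bby\s+(\S+)\s+(\S+)", " ".join(d)):
                if who == "anonymous" and level not in ("none", "auth", "disclose"):
                    findings.append(f"anonymous granted '{level}' in: {' '.join(d)}")
    return findings
```

Run `audit(open("OpenLDAP/slapd.conf").read())` against the real file; the check only recognises plain access-level names, so rules using privilege syntax such as `=r` need manual review.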

 

 


Walter Lee
