Ahhh okie you're right on.  My bad.

On Mon, Jul 20, 2009 at 8:34 PM, Emmanuel Lecharny <elecharny@apache.org> wrote:
Alex Karasulu wrote:
You're supposed to allow annonymous binds to the RootDSE even when anon
binds are disabled.  This is because RootDSE access is required always to
discover how to auth in the first place.
 
Not true, per RFC 4512 :

5.1.  Server-Specific Data Requirements

 ...

 These attributes are retrievable, *subject to access control* and other
 restrictions, if a client performs a Search operation...



--
--
cordialement, regards,
Emmanuel Lécharny
www.iktek.com
directory.apache.org





--
Alex Karasulu
My Blog :: http://www.jroller.com/akarasulu/
Apache Directory Server :: http://directory.apache.org
Apache MINA :: http://mina.apache.org