directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kiran Ayyagari (JIRA)" <>
Subject [jira] [Created] (DIRSERVER-1795) Add an ACI to RootDSE
Date Sat, 02 Feb 2013 06:28:12 GMT
Kiran Ayyagari created DIRSERVER-1795:

             Summary: Add an ACI to RootDSE
                 Key: DIRSERVER-1795
             Project: Directory ApacheDS
          Issue Type: Improvement
    Affects Versions: 2.0.0-M10
            Reporter: Kiran Ayyagari
            Assignee: Kiran Ayyagari
             Fix For: 2.0.0-M11

We might want to have this ACI stored and updated in configuration partition cause RootDSE
is a virtual entry.

The discussion that sparked this idea is given below.

 Is there a way to disable anonymous access to rootDSE
3 messages
Hammond, Steven <> 	Sat, Feb 2, 2013 at 3:22 AM
To: "" <>
We need to satisfy a requirement that takes issue with being able to see who the vendor of
the directory server is without authenticating first.  I think it will be a problem since
authenticating uses SASL and rootDSE shows the SASLmechanisms allowed, but maybe someone knows
a way.
Requirement is related to this page.
Thank you.
Kiran Ayyagari <> 	Sat, Feb 2, 2013 at 10:33 AM
no, this is not currently possible
[Quoted text hidden]
Kiran Ayyagari
Emmanuel Lécharny <> 	Sat, Feb 2, 2013 at 11:45 AM
Le 2/2/13 6:03 AM, Kiran Ayyagari a écrit :
> no, this is not currently possible

We may need to implement an ACI authz on the rootDSE, something we don't
currently support.

Emmanuel Lécharny

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message