directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ersin Er" <ersin...@gmail.com>
Subject Re: [ApacheDS Authorization] Generic Bind User Config
Date Sat, 24 Mar 2007 07:10:34 GMT
On 3/24/07, Tim Quinn <jpyobjcdude@gmail.com> wrote:
>
> On 3/21/07, Tim Quinn <jpyobjcdude@gmail.com> wrote:
> >
> > I would like to create a non-privledged system user for other systems to
> > do authentication binds for centralized password management. I want to
> avoid
> > using anonymous binds to the server.
> >
> > I only want this user to be able to bind and not have any browse / read
> /
> > modify / delete access to the directory.
> >
> > Do I need to set up an Access Control Subentry to do this?
> >
> > Any help is greatly appreciated.
> >
> > ;)
> >
>
> I figured this one out and have gotten Authorization working correctly how
> I
> want. Looks like OOTB, any user can bind to any DN without requiring any
> ACI
> Authorization configuration as long as the user knows the complete DN to
> bind to. If the user requires search capability, then it may be necessary
> to
> configure Authorization.


Yes there is no restriction on bind for any user. However  you can arrange
the ACIs according to the bind level (strong, simple). We might add more
detailed bind rules to the ACIs later.

..TQ
>



-- 
Ersin

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message