Gavin Henry wrote:
And this where is got interesting:
- Access via ldap on the user DIT and on cn=monitor where both
inhibited and connections (rightly) refused whereas in both cases access via ldaps was accepted. 2. I could bind anonymously to rootDSE and cn=subschema which I wanted 3. cn=config would accept either a ldap (389) or an ldaps (636) connection. Apparently by-passing the security simple_bind=128 check.
How did you bind?
binds cn=monitor (rootdn), user DIT (normal user) and cn=config (rootdn) were simple authenticated binds. bind to rootDSE and cn=subschema were anonymous
a. Is this expected? b. is there a better way to do it? c. Am I (more than likely) missing something? (on searching the archives I saw a note from Quannah suggesting that he was using some sort of SASL service to inhibit access). Many thanks in advance for any help on this matter. Regards