KB Articles


KB Article # 7744

Topic/Category: LDAP

Issue: If you are using LDAP authentication and have security concerns, this will show you how to disable the anonymous access to the directory of OpenLDAP if it is not required



Following are few configuration that can be done to disable the anonymous access to the directory:-

  1. Add the following line in ‘OpenLDAP/slapd.conf’ file:-
    access to * by anonymous none


This has been tested over the OpenLDAP2.4 provided in Ephesoft by default.

Reference:- http://www.mpipks-dresden.mpg.de/~mueller/docs/suse10.1/suselinux-manual_en/manual/sec.ldap.slapd.html


  1. Add the following two lines in ‘OpenLDAP/slapd.conf’ file to explicitly deny anonymous binds and anonymous access to the directory information:-
    disallow bind_anon
    require authc


Reference:- http://www.openldap.org/doc/admin23/security.html



< Back|KB Main Page | Next KB Article >