Re: [389-users] "Re:Binding Directory Manager as default Bind when using SSL/TLS certificate (please help)"
Hi Predrag
I just realized that from server itself i can do search without providing BindDN and password. But Cant do this from client.... example bellow from Server itself
[root@puppet-1 slapd-puppet-1]# ldapsearch -xZZZ # extended LDIF # # LDAPv3 # base <dc=fosiul,dc=lan> (default) with scope subtree # filter: (objectclass=*) # requesting: ALL #
# fosiul.lan dn: dc=fosiul,dc=lan dc: fosiul objectClass: domain objectClass: top
# groups, fosiul.lan dn: ou=groups,dc=fosiul,dc=lan ou: groups objectClass: organizationalUnit objectClass: top
# search result search: 3 result: 0 Success
# numResponses: 3 # numEntries: 2 [root@puppet-1 slapd-puppet-1]#
So, looks like there is a restriction from Client anonymous search ..
Any idea where to look at ??
Well,
then client side (/etc/openldap/ldap.conf) is different on server box and client box (I assume 2 different boxes?).... Compare it and make identical. That might help..
Regards.
Am 30.12.2013 18:36, schrieb fosiul alam:
Hi Predrag
I just realized that from server itself i can do search without providing BindDN and password. But Cant do this from client.... example bellow from Server itself
[root@puppet-1 slapd-puppet-1]# ldapsearch -xZZZ # extended LDIF # # LDAPv3 # base <dc=fosiul,dc=lan> (default) with scope subtree # filter: (objectclass=*) # requesting: ALL #
# fosiul.lan dn: dc=fosiul,dc=lan dc: fosiul objectClass: domain objectClass: top
# groups, fosiul.lan dn: ou=groups,dc=fosiul,dc=lan ou: groups objectClass: organizationalUnit objectClass: top
# search result search: 3 result: 0 Success
# numResponses: 3 # numEntries: 2 [root@puppet-1 slapd-puppet-1]#
So, looks like there is a restriction from Client anonymous search ..
Any idea where to look at ??
389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Hello
On Mon, Dec 30, 2013 at 11:06 PM, fosiul alam expertalert@gmail.com wrote:
Hi Predrag
I just realized that from server itself i can do search without providing BindDN and password. But Cant do this from client.... example bellow from Server itself
[root@puppet-1 slapd-puppet-1]# ldapsearch -xZZZ # extended LDIF # # LDAPv3 # base <dc=fosiul,dc=lan> (default) with scope subtree # filter: (objectclass=*) # requesting: ALL #
# fosiul.lan dn: dc=fosiul,dc=lan dc: fosiul objectClass: domain objectClass: top
# groups, fosiul.lan dn: ou=groups,dc=fosiul,dc=lan ou: groups objectClass: organizationalUnit objectClass: top
# search result search: 3 result: 0 Success
# numResponses: 3 # numEntries: 2 [root@puppet-1 slapd-puppet-1]#
So, looks like there is a restriction from Client anonymous search ..
May be ACI, What is the error you are getting ?
Any idea where to look at ??
Check in access logs in /var/log/dirsrv/slapd-instancename/
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
389-users@lists.fedoraproject.org
-
Arpit Tolani -
Fosiul alam -
Predrag Zečević - Technical Support Analyst