directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <>
Subject Re: [jira] Created: (DIRSERVER-1383) There is a confusion between Anonymous access and Access to rootDSE
Date Tue, 21 Jul 2009 00:48:10 GMT
Alex Karasulu wrote:
> You're supposed to allow annonymous binds to the RootDSE even when anon
> binds are disabled.  This is because RootDSE access is required always to
> discover how to auth in the first place.

Also I don't think we need to be able to read the rootDSE when doing a 
Bind. The way it works is that a client just send a BindRequest, and the 
server do what it should with this request, with full access to the RootDSE.

So I don't think we should allow anonymoius access to the RootDSE for 
the client, unless the admin specifically decide to do so.

cordialement, regards,
Emmanuel L├ęcharny

View raw message