httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ian Pilcher <>
Subject [users@httpd] Why is AuthLDAPCompareAsUser discouraged?
Date Tue, 02 May 2017 14:31:02 GMT
I had to enable this option, because FreeIPA 4 doesn't make group
membership visible to anonymous binds.  The documentation for this
option says:

   This directive should only be used when your LDAP server doesn't
   accept anonymous comparisons and you cannot use a dedicated

I've been trying to think of a way in which creating an additional LDAP
user, just for this purpose, and storing its password in cleartext in a
configuration file is a better option.  I can't come up with anything.

Does anyone know why this option is discouraged?

Ian Pilcher                               
-------- "I grew up before Mark Zuckerberg invented friendship" --------

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message