Microsoft
Software
Hardware
Network
Question : Linux, LDAP, securing LDAP to preven anonymous searching....
We are using Samba here and LDAP and I have been told that people are actually taking information from the LDAP using anonymous access because they can get everything apart from passwords. This can result in e-mail addresses, names, and mailing addresses being used for SPAM and things of that nature.
I'm REALLY new to Linux and Samba and I wanted to know if there is a good step-by-step on how to prevent this by securing LDAP...
Answer : Linux, LDAP, securing LDAP to preven anonymous searching....
Everything concerning LDAP security is in the slapd.conf (/etc/openldap/slapd.conf)
This is part of that descryption.
# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
# Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
# by self write
# by users read
# by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
#
So first you need to think about what people are allowed, what applications can do
You can configure any access to only allow readaccess by f.e. self.
also allow the anonymous to auth otherwise no one can access ldap
to authenticate itself.
SAMBA might need access to the passwords in that case you need a proxy account that
can access the password field.
http://www.stress-free.co.
nz/suse_op
enldap_sam
ba_howto
http://www.gentoo.org/doc/
en/ldap-ho
wto.xml
http://www.mediaplaza.nl/u
ploaded/FI
LES/semina
rs/2006/OS
Summercamps_160706/Micha Kersloot.pdf
http://www.lesbell.com.au/
Home.nsf/
b
8ec57204f6
0dfcb4a256
8c60014ed0
f/
ea086817
7c73725fca
25713f006f
cefc/$FILE
/eimnotes.
pdf
http://www.islandlinux.org
/HOWTO/ope
nldap_samb
a.html
http://www.opensourcehowto
.org/how-t
o/samba/op
enldap-lam
-
samba-as-
pdc.html
http://gentoo-wiki.com/Spe
cial:Searc
h?search=s
amba+pdc&g
o=Go
Random Solutions
Dreamweaver MX pop-up menus hidden behind .swf
MYOB - Move program to new hdd - no cd available
Get each sheet in a workbook into seperate new workbooks and save as the sheet name.
Use a SSIS package to query a .xls file, manipulate the data, then push to an Access2003 table (only landing on disk 1 time)
PayPal Donation button and IPN
Error Handler For 404
abnormal network activities in windows xp
can anyone explain the usage of FTPPWD in UNIX
Microphone output has to be unmuted???
python wxpython settopwindow
