Bug 1467949 - Update "Allowing Unauthenticated Binds" section
Summary: Update "Allowing Unauthenticated Binds" section
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Directory Server
Classification: Red Hat
Component: Doc-administration-guide
Version: 10.1
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: Marc Muehlfeld
QA Contact: Viktor Ashirov
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-07-05 15:15 UTC by Marc Muehlfeld
Modified: 2017-07-13 07:06 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-07-13 07:06:45 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Marc Muehlfeld 2017-07-05 15:15:57 UTC
Document URL: 
https://access.redhat.com/documentation/en-us/red_hat_directory_server/10/html/administration_guide/configuring-special-binds#unauthenticated-binds


Section Number and Name: 
15.7.3. Allowing Unauthenticated Binds


Describe the issue / Suggestions for improvement:
* "changetype: replace" must be "changetype: modify"
* In the "ldapsearch" example, it's not obvious that we don't enter a password when we use -W. It would be better to use -w "" instead.
* Add a <warning> that this dangerous!

Comment 1 Marc Muehlfeld 2017-07-05 15:32:15 UTC
> Unauthenticated binds only apply to bind attempts where a password is
> not given but a bind identity is.

This also doesn't seem to be correct. In my 10.1 test environment I can connect without or with an non-existent user name and get results. For example:
# ldapsearch -D "cn=non-existent-user" -w "" -p 389 -h server.example.com -b "dc=example,dc=com" -x

Comment 2 Marc Muehlfeld 2017-07-06 08:42:28 UTC
The parameter description in the Configuration, Command, and File Reference needs a huge <warning>, too.

Comment 4 Marc Muehlfeld 2017-07-13 07:06:45 UTC
The update is now available on the Customer Portal.


Note You need to log in before you can comment on or make changes to this bug.