[Samba] Can I allow anonymous LDAP binding to samba 4.1 AD ?
Bob of Donelson Trophy
bob at donelsontrophy.net
Thu Jan 22 11:11:45 MST 2015
Thanks, Mark.
---
-------------------------
Bob Wooden of Donelson Trophy
615.885.2846 (main)
www.donelsontrophy.com [3]
"Everyone deserves an award!!"
On 2015-01-22 11:52, Marc Muehlfeld wrote:
> Am 22.01.2015 um 17:19 schrieb John Yocum:
> When I change dsHeuristics=0000002001001 like M$ said: https://technet.microsoft.com/en-us/library/cc816788%28v=ws.10%29.aspx [1] Not works. I've got anonymous binds enabled, using the instructions at http://www.petri.com/anonymous_ldap_operations_in_windows_2003_ad.htm [2]
But everyone should really think about if it's a good idea to allow
anonymous bind to AD. MS had a good reason to disable this already in
Server 2003 by default!
It's better to create an AD user, and use that one for the LDAP bind.
Regards,
Marc
Links:
------
[1]
https://technet.microsoft.com/en-us/library/cc816788%28v=ws.10%29.aspx
[2]
http://www.petri.com/anonymous_ldap_operations_in_windows_2003_ad.htm
[3] http://www.donelsontrophy.com
More information about the samba
mailing list