Major Description
We might want to have this ACI stored and updated in configuration partition cause RootDSE is a virtual entry.
The discussion that sparked this idea is given below.
Is there a way to disable anonymous access to rootDSE
3 messages
Hammond, Steven <Steven.Hammond@polycom.com> Sat, Feb 2, 2013 at 3:22 AM
Reply-To: users@directory.apache.org
To: "users@directory.apache.org" <users@directory.apache.org>
We need to satisfy a requirement that takes issue with being able to see who the vendor of the directory server is without authenticating first. I think it will be a problem since authenticating uses SASL and rootDSE shows the SASLmechanisms allowed, but maybe someone knows a way.
Requirement is related to this page. http://www.stigviewer.com/check/V-14797
Thank you.
Kiran Ayyagari <kayyagari@apache.org> Sat, Feb 2, 2013 at 10:33 AM
To: users@directory.apache.org
no, this is not currently possible
[Quoted text hidden]
–
Kiran Ayyagari
http://keydap.com
Emmanuel Lécharny <elecharny@gmail.com> Sat, Feb 2, 2013 at 11:45 AM
Reply-To: users@directory.apache.org, elecharny@apache.org
To: users@directory.apache.org
Le 2/2/13 6:03 AM, Kiran Ayyagari a écrit :
> no, this is not currently possible
We may need to implement an ACI authz on the rootDSE, something we don't
currently support.
–
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com