Dongsheng Song
2015-Jan-22 08:55 UTC
[Samba] Can I allow anonymous LDAP binding to samba 4.1 AD ?
Hi, When I change dsHeuristics=0000002001001 like M$ said: https://technet.microsoft.com/en-us/library/cc816788%28v=ws.10%29.aspx Not works.
John Yocum
2015-Jan-22 16:19 UTC
[Samba] Can I allow anonymous LDAP binding to samba 4.1 AD ?
On 01/22/2015 12:55 AM, Dongsheng Song wrote:> Hi, > > When I change dsHeuristics=0000002001001 like M$ said: > > https://technet.microsoft.com/en-us/library/cc816788%28v=ws.10%29.aspx > > Not works. >I've got anonymous binds enabled, using the instructions at http://www.petri.com/anonymous_ldap_operations_in_windows_2003_ad.htm -- John Yocum, Systems Administrator, DEOHS
Marc Muehlfeld
2015-Jan-22 17:52 UTC
[Samba] Can I allow anonymous LDAP binding to samba 4.1 AD ?
Am 22.01.2015 um 17:19 schrieb John Yocum:>> When I change dsHeuristics=0000002001001 like M$ said: >> >> https://technet.microsoft.com/en-us/library/cc816788%28v=ws.10%29.aspx >> >> Not works. >> > > I've got anonymous binds enabled, using the instructions at > http://www.petri.com/anonymous_ldap_operations_in_windows_2003_ad.htmBut everyone should really think about if it's a good idea to allow anonymous bind to AD. MS had a good reason to disable this already in Server 2003 by default! It's better to create an AD user, and use that one for the LDAP bind. Regards, Marc