-
Improvement
-
Resolution: Fixed
-
Major
-
None
-
None
We currently don't allow anonymous binding; the java.naming.security.principal property must be set to the exact DN (minus the user id which is substituted) to connect to ldap. This makes it impossible to authenticate users which are stored in different sub-ou (organizational units). (unless each of them is configured specifically) Many ldap setups allow anonymous binding and authentication once the user record is found.
- duplicates
-
MGNLLDAP-3 Allow user authentication without accessing directory with admin credentials
- Closed
- is depended upon by
-
MGNLLDAP-17 MS ActiveDirectory - allow configurable attribute for username authentication
- Closed
- is related to
-
MGNLLDAP-42 AD: use the user's DN to authenticate/bind
- Closed