You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Emmanuel Lecharny (JIRA)" <ji...@apache.org> on 2019/06/16 14:57:00 UTC
[jira] [Updated] (DIRSERVER-1795) Add an ACI to RootDSE
[ https://issues.apache.org/jira/browse/DIRSERVER-1795?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny updated DIRSERVER-1795:
-----------------------------------------
Component/s: rootDSE
aci
> Add an ACI to RootDSE
> ---------------------
>
> Key: DIRSERVER-1795
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1795
> Project: Directory ApacheDS
> Issue Type: Improvement
> Components: aci, rootDSE
> Affects Versions: 2.0.0-M10
> Reporter: Kiran Ayyagari
> Assignee: Kiran Ayyagari
> Priority: Major
> Fix For: 2.0.0-RC1
>
>
> We might want to have this ACI stored and updated in configuration partition cause RootDSE is a virtual entry.
> The discussion that sparked this idea is given below.
> Is there a way to disable anonymous access to rootDSE
> 3 messages
> Hammond, Steven <St...@polycom.com> Sat, Feb 2, 2013 at 3:22 AM
> Reply-To: users@directory.apache.org
> To: "users@directory.apache.org" <us...@directory.apache.org>
> We need to satisfy a requirement that takes issue with being able to see who the vendor of the directory server is without authenticating first. I think it will be a problem since authenticating uses SASL and rootDSE shows the SASLmechanisms allowed, but maybe someone knows a way.
> Requirement is related to this page. http://www.stigviewer.com/check/V-14797
> Thank you.
> Kiran Ayyagari <ka...@apache.org> Sat, Feb 2, 2013 at 10:33 AM
> To: users@directory.apache.org
> no, this is not currently possible
> [Quoted text hidden]
> --
> Kiran Ayyagari
> http://keydap.com
> Emmanuel Lécharny <el...@gmail.com> Sat, Feb 2, 2013 at 11:45 AM
> Reply-To: users@directory.apache.org, elecharny@apache.org
> To: users@directory.apache.org
> Le 2/2/13 6:03 AM, Kiran Ayyagari a écrit :
> > no, this is not currently possible
> We may need to implement an ACI authz on the rootDSE, something we don't
> currently support.
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny
> www.iktek.com
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
For additional commands, e-mail: dev-help@directory.apache.org