Overview#
This page describes the process to protect the DS from anonymous access.
Manual Procedure#
Edit the DS configuration to disable anonymous binds:
$ ldapmodify -x -D "cn=Directory manager" -w Secret.123
dn: cn=config
changetype: modify
replace: nsslapd-allow-anonymous-access
nsslapd-allow-anonymous-access: off
Restart the DS:
$ systemctl restart dirsrv@pki-tomcat.service
Verify with the following command:
$ ldapsearch -x -b "" -s base
ldap_bind: Inappropriate authentication (48)
additional info: Anonymous access is not allowed