[personal profile] rmd
So, LDAP. And NAT.
When something connects to an LDAP server, does it identify/authenticate itself via something in the actual LDAP connection? Or does the LDAP server rely on the source IP of the connecting host to figure out if the client is or can get to privileged objects?

Date: 2011-06-20 03:17 pm (UTC)
From: [identity profile] i-leonardo.livejournal.com
it's configuration dependent. in Your Employer's case, at least when i left, anonymous binds are permitted from on-campus (based on their IP addr range) but were only permitted to see "public" data. as ghastly as it sounds, non-SSL authenticating binds ARE permitted! so be careful where you type your password, eugene. an application, like the dhcp registration app, can retrieve un-published user data IF they have an application LDAP entry with its own password. when an app needs to authenticate a user, it asks the user to supply their uname and password. the app binds to LDAP (SSL), authenticates itself, uses the uname to search for the user's DN (not the same as the uname), and releases the connection. then it attempts to bind again, this time using the user's DN and password.
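
The search-then-bind flow described in the comment above, as an added example that is not part of the original post or comment. A constructed in-memory stand-in replaces the LDAP server so it runs offline; every DN, uid, password and helper name here is hypothetical.

```python
import re

APP_DN = "cn=dhcp-reg,ou=apps,dc=example,dc=edu"   # hypothetical application entry
ENTRIES = {  # constructed sample data: DN -> (uid, password)
    APP_DN: ("dhcp-reg", "app-secret"),
    "cn=Eugene Example,ou=people,dc=example,dc=edu": ("eugene", "hunter2"),
    "cn=Ada Example,ou=people,dc=example,dc=edu": ("ada", "s3cret"),
}

def escape_filter(value):
    """Escape RFC 4515 special characters so a uname cannot alter the filter."""
    return ''.join('\\%02x' % ord(c) if c in '\\*()\x00' else c for c in value)

class FakeConn:
    """Constructed stand-in for one LDAP connection (no network)."""
    def __init__(self):
        self.bound_dn = None
    def simple_bind(self, dn, password):
        # Models servers that treat a DN with an empty password as an
        # unauthenticated (anonymous) bind and still report success.
        ok = password == "" or ENTRIES.get(dn, (None, None))[1] == password
        self.bound_dn = dn if ok and password else None
        return ok
    def search_uid(self, flt):
        if self.bound_dn != APP_DN:      # unpublished data needs the app bind
            return []
        value = re.fullmatch(r'\(uid=(.*)\)', flt, re.S).group(1)
        tokens = re.findall(r'\\[0-9a-f]{2}|.', value, re.S)
        pat = ''.join('.*' if t == '*' else
                      re.escape(chr(int(t[1:], 16)) if len(t) == 3 else t)
                      for t in tokens)
        return [dn for dn, (uid, _) in ENTRIES.items() if re.fullmatch(pat, uid)]

def authenticate(uname, password, connect=FakeConn):
    """Return the user's DN if uname/password are valid, else None."""
    if not password:                     # an empty password must never reach bind
        return None
    conn = connect()                     # 1. bind as the application
    if not conn.simple_bind(APP_DN, "app-secret"):
        return None
    dns = conn.search_uid("(uid=%s)" % escape_filter(uname))  # 2. uname -> DN
    del conn                             # 3. release the application connection
    if len(dns) != 1:                    # no match or ambiguous match: refuse
        return None
    user = connect()                     # 4. bind again as the user's DN
    return dns[0] if user.simple_bind(dns[0], password) else None
```

The two guards matter on a real server too: without the empty-password check the second bind can succeed as an anonymous bind, and without filter escaping a uname such as `e*` would resolve to eugene's DN.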
