Am developing the spring application with LDAP. Is there is any option to prevent the anonymous bind in LDAP. Am using Apache Directory Studio. Even I am giving the simple bind. Anonymous bind is permitted
Pl. help me to fix this.
Thanks in Advance
Asked
Active
Viewed 2,356 times
-1
-
Unanswerable without knowing which LDAP server you're using, apart from merely saying 'yes': and off-topic. – user207421 Jun 15 '19 at 10:02
-
@user207421 I missed to mention. I am using Apache Directory Studio – Aadhavan G S Jun 15 '19 at 11:51
1 Answers
1
Most current LDAP server implementations have an option to disable anonymous binds.
From a LDAP client perspective you can check if the bindDN and password is empty and disallow any such request.
THere is also a "Un-authenticated Bind" term used by some were the bindDN is known but the password is empty which you could also disallow.
-jim
jwilleke
- 10,467
- 1
- 30
- 51