Change the default anonymous access control rule to only allow the attribute "cn":
aci: (targetattr = "cn") (version 3.0;acl "Enable anonymous access";allow (read,compare,search)(userdn = "ldap:///anyone");)
$ ldapsearch -xLLL -b dc=example,dc=com cn=ipv6 dn: cn=ipv6,dc=example,dc=com cn: ipv6
$ ldapsearch -xLLL -b dc=example,dc=com cn=ipv6 * dn: cn=ipv6,dc=example,dc=com
We should still be getting the "cn" attribute back when we ask for "All attributes", but we do not.
False positive, need to escape it \*
\*
Metadata Update from @mreynolds: - Custom field component adjusted to None - Custom field origin adjusted to None - Custom field reviewstatus adjusted to None - Custom field type adjusted to None - Custom field version adjusted to None - Issue close_status updated to: invalid - Issue status updated to: Closed (was: Open)
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/2784
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: invalid)
Login to comment on this ticket.