Disable anonymous ldap bind to Active directory

Dejan Gambin

Hello,

I am trying to disable anonymous ldap bind to AD but have no success.
There are three things I have noticed:

1. If I try to bind as existing user, then the password must match
even if it is blank

2. If I try to bind as non-existing user with non-blank password, it
fails

3. If I try to bind as non-existing user with blank password it passes
and I do not want that.

How can I disable this?

By the way, I am using ldap_bind php function to do binding...

Thanks in advance

Dejan Gambin
 
Simon Geary

Are you perhaps hitting the rootDSE? This information is supposed to be
public and available to anyone.
 
Dejan Gambin

Simon Geary said:
Are you perhaps hitting the rootDSE? This information is supposed to be
public and available to anyone.

Well, if I understand right, rootDSE is retrieved from LDAP server by
doing a base-level search with a null basedn. I am using
"DC=mycompany, DC=local" basedn when searching with ldap_search
function, but first I connect using ldap_connect to my server on port
389 and then ldap_bind with username/password. So I really don't know
if I am hitting the rootDSE or not??

Regards, Dejan
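
The bind in point 3 of the question (a user name with a blank password) is what RFC 4513 section 5.1.2 calls an unauthenticated bind: the server checks no credential and the connection ends up anonymous, so a successful ldap_bind does not prove the password was verified. The following PHP guard is an added example, not code from the thread; the function names classifyBind and authenticate, the CN values and the passwords are assumptions made for illustration.

```php
<?php
// Added example (not from the thread). Names and sample values are assumptions.

// Classify a simple bind the way RFC 4513 section 5.1 does.
function classifyBind(?string $dn, ?string $password): string
{
    $dn = (string) $dn;
    $password = (string) $password;
    if ($password === '') {
        // No credential is checked when the password is empty.
        return $dn === '' ? 'anonymous' : 'unauthenticated';
    }
    return $dn === '' ? 'invalid' : 'simple';
}

// Returns true only when the directory verified a non-empty password.
function authenticate(string $uri, string $dn, string $password): bool
{
    if (classifyBind($dn, $password) !== 'simple') {
        return false; // refuse before anything reaches the server
    }
    $conn = ldap_connect($uri);
    if ($conn === false) {
        return false;
    }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    $ok = @ldap_bind($conn, $dn, $password);
    ldap_unbind($conn);
    return $ok;
}

// Constructed inputs based on the cases in the question.
$cases = [
    ['CN=Existing User,DC=mycompany,DC=local', 'secret', 'simple'],
    ['CN=No Such User,DC=mycompany,DC=local', 'guess', 'simple'],
    ['CN=No Such User,DC=mycompany,DC=local', '', 'unauthenticated'],
    ['', '', 'anonymous'],
];
foreach ($cases as [$dn, $password, $expected]) {
    $got = classifyBind($dn, $password);
    if ($got !== $expected) {
        throw new RuntimeException("expected $expected, got $got");
    }
    printf("%-42s password=%-8s => %s\n", $dn, var_export($password, true), $got);
}
```

The self-check at the bottom runs without the ldap extension because only classifyBind is called; authenticate is the function a login form would use.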
 
