OUD - How to Disable Anonymous Access
(Doc ID 2262106.1)
Last updated on FEBRUARY 13, 2023
Applies to:
Oracle Unified Directory - Version 11.1.2.3.161018 and laterInformation in this document applies to any platform.
Goal
Subject: How to disable anonymous access in OUD
+++++++++++++++++++++++++++++++++++++++++++++++
Problem Description
+++++++++++++++++++++++
Original steps to disable anonymous access were incorrectly described in the following older OUD Documentation:
11.1.2.2.0 - Disabling Anonymous Access
When attempting to use these steps, it can fail when the following is executed:
$ ./dsconfig -h localhost -p ADMIN_PORT -D "cn=DS_ADMIN" -j <PASSWORD_FILE> -n \
> set-access-control-handler-prop \
> --remove global-aci:'(targetattr!="userPassword||authPassword") \
> (version 3.0; acl "Anonymous read access"; \
> allow (read,search,compare) userdn="ldap:///anyone";)'
The value "(targetattr!="userPassword||authPassword") \
(version 3.0; acl "Anonymous read access"; \
allow (read,search,compare) userdn="ldap:///anyone";)" is not a valid value
for the Dsee Compat Access Control Handler property "global-aci" which has the
following syntax: ACI
Also checking, using ODSM (Oracle Directory Services Manager), two items are under Directory ACLs,
which do not match the descriptions in the original instructions/examples:
Anonymous control access:
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Goal |
| Solution |
| References |