My Oracle Support Banner

OUD 11g - How To Disable Anonymous Access In OUD 11.1.2.3.x (Doc ID 2262106.1)

Last updated on JULY 16, 2020

Applies to:

Oracle Unified Directory - Version 11.1.2.3.161018 and later
Information in this document applies to any platform.

Goal

Subject: How to disable anonymous access in OUD 11.1.2.3.x
+++++++++++++++++++++++++++++++++++++++++++++++

Problem Description
+++++++++++++++++++++++

Original steps to disable anonymous access were incorrectly described in the following older OUD Documentation:

11.1.2.2.0 - Disabling Anonymous Access

When attempting to use these steps, it can fail when the following is executed:

$ ./dsconfig -h localhost -p 4444 -D "cn=Directory Manager" -j <PASSWORD_FILE> -n \
> set-access-control-handler-prop \
> --remove global-aci:'(targetattr!="userPassword||authPassword") \
> (version 3.0; acl "Anonymous read access"; \
> allow (read,search,compare) userdn="ldap:///anyone";)'
The value "(targetattr!="userPassword||authPassword") \
 (version 3.0; acl "Anonymous read access"; \
allow (read,search,compare) userdn="ldap:///anyone";)" is not a valid value
for the Dsee Compat Access Control Handler property "global-aci" which has the
following syntax: ACI


Also checking, using ODSM (Oracle Directory Services Manager), two items are under Directory ACLs,

which do not match the descriptions in the original instructions/examples:

Anonymous control access:

 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.