This website uses cookies. By continuing to browse or login to this website, you consent to the use of cookies. Learn more.
OK
gbatty1
Commander
Commander
‎2018-01-03 06:18
479 views

Disable Anonymous LDAP on Admin Console

Hi All,

Has anybody made a change to disable the anonymous ldap access to the admin console? Wondering if you have disabled anonymous access the same as you would a normal eDirectory instance for example?

Cheers,
GB
0 Likes
Reply
Report Inappropriate Content
1 Reply
aburgemeister
Knowledge Partner Knowledge Partner
Knowledge Partner
‎2018-01-03 06:53

I have not, but I am pretty sure it would be fine. I have never seen a
NAM component that works without authentication, so using the standard
ldapconfig command to change this would probably be safe. Of course,
testing outside of production first is a good idea. Submitting an
enhancement to have that be the default is probably not a bad idea either.
The principle of Defense in Depth would also recommend blocking access to
the LDAP and LDAPS ports outside of the NAM systems themselves, which I
already do, so somebody needs to actually be on one of those to try to
access the Admin Console in any way.


--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.
0 Likes
Reply
Report Inappropriate Content
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.