How to re-enable anonymous login in OpenLDAP


I have recently installed OpenLDAP 2.4.42 and disabled anonymous login using the following content in an LDIF file.

dn: cn=config
changetype: modify
add: olcDisallows
olcDisallows: bind_anon

dn: cn=config
changetype: modify
add: olcRequires
olcRequires: authc

dn: olcDatabase={-1}frontend,cn=config
changetype: modify
add: olcRequires
olcRequires: authc

I can even see access to dn.base="" by * read in the slapd.conf file. Now, I have an application (WordPress blog) which is trying to connect to the LDAP server using anonymous login and failing for that reason. I tried a few options but none of them are working. Can someone help me out on how to re-enable the LDAP anonymous login?

Thanks in advance


There is 1 answer

Abdelhamid MEDDEB On BEST ANSWER

What type of configuration are you using: slapd.conf or the slapd.d/ folder? You cannot use both at the same time. Drop the added olcDisallows & olcRequires configuration if you use the slapd.d/ folder configuration, or delete the counterpart settings from the slapd.conf file (disallow & require) if you use the slapd.conf configuration file.

To delete what you said you added to activate this behavior, i.e. with an LDIF file, for example:

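# Global settings: both changes target the same entry, so they form one
# record, with "-" separating the two modifications.
dn: cn=config
changetype: modify
delete: olcDisallows
olcDisallows: bind_anon
-
delete: olcRequires
olcRequires: authc

# Frontend database: a separate entry, so a separate record after a blank line.
dn: olcDatabase={-1}frontend,cn=config
changetype: modify
delete: olcRequires
olcRequires: authc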

You should also verify that targeted anonymous access is allowed by database ACLs (olcAccess parameter).
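To confirm which entries still carry the restrictions before and after such a change, the following added example (not part of the original answer) scans a cn=config dump for `olcDisallows: bind_anon` and `olcRequires: authc`. The function names and the sample LDIF are constructed for illustration; it assumes plain (not base64-encoded) values.

```shell
#!/bin/sh
# Real input would come from the server itself, for example:
#   slapcat -n 0 | anon_blockers
#   ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config | anon_blockers

# anon_blockers [FILE]: print "<dn><TAB><attribute line>" for every value
# that rejects anonymous binds. Reads stdin when no file is given.
anon_blockers() {
    awk '
        # LDIF folds long lines: a continuation starts with one space.
        /^ / { line = line substr($0, 2); next }
        { emit(); line = $0 }
        END { emit() }
        function emit(   low) {
            if (line == "") { dn = ""; return }   # blank line ends a record
            low = tolower(line)                   # attribute names are case-insensitive
            if (low ~ /^dn: /) { dn = substr(line, 5); return }
            if (low ~ /^olcdisallows: .*bind_anon/ || low ~ /^olcrequires: .*authc/)
                printf "%s\t%s\n", dn, line
        }
    ' "$@"
}

# Constructed sample: the state described in the question, plus one database
# entry without restrictions. The frontend dn is folded on purpose.
sample_config() {
    cat <<'EOF'
dn: cn=config
objectClass: olcGlobal
cn: config
olcDisallows: bind_anon
olcRequires: authc

dn: olcDatabase={-1}frontend,cn=c
 onfig
objectClass: olcDatabaseConfig
olcDatabase: {-1}frontend
olcRequires: authc

dn: olcDatabase={1}mdb,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {1}mdb
olcSuffix: dc=example,dc=com
olcAccess: {0}to dn.base="" by * read
EOF
}

sample_config | anon_blockers
```

An empty result means neither setting is present in the dump; the `olcAccess` rules of each database still decide what an anonymous client can read.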