\DISALLOW bind_anon_cred in slapd.conf file causes RC=256 during CA LDAP startup.
Article ID: 130924
Updated On:
Products
Top Secret
Top Secret - LDAP
Issue/Introduction
Setting "DISALLOW bind_anon_cred" receives the following error:
./xxx/slapd.conf: line 168: unknown feature bind_anon_cred
and a RC=0256 stops the CA LDAP initialization.
"DISALLOW bind_anon_cred" is documented in the manuals.
Environment
Release:
Component: TSSLDP
Component: TSSLDP
Resolution
Documentation will be updated in the future with:
The values allowed for "allow" are as follows: bind_v2 bind_anon_cred
bind_anon_dn
update_anon
proxy_authz_anon
The reason for this is because by default these are now all disallowed and are no longer verbs permitted on the disallow config option.
The values now permitted on the disallow config option are:
bind_anon
bind_simple
tls_2_anon
tls_authc
proxy_authz_non_critical dontusecopy_non_critical
The values allowed for "allow" are as follows: bind_v2 bind_anon_cred
bind_anon_dn
update_anon
proxy_authz_anon
The reason for this is because by default these are now all disallowed and are no longer verbs permitted on the disallow config option.
The values now permitted on the disallow config option are:
bind_anon
bind_simple
tls_2_anon
tls_authc
proxy_authz_non_critical dontusecopy_non_critical
Feedback
Yes
No
Powered by
