This is cause for concern. Is there a hardening / best practices for production guide anywhere, did I miss a section of the documentation?
What else do I need to secure? I understand that there is a tradeoff between security and compatibility, but maybe there should be a ipa-secure script somewhere? On Wed, Jan 1, 2014 at 10:41 AM, Jitse Klomp <jitsekl...@gmail.com> wrote: > It is possible to disable anonymous binds to the directory server. Take a > look at https://docs.fedoraproject.org/en-US/Fedora/18/html/ > FreeIPA_Guide/disabling-anon-binds.html > > - Jitse > > > > On 01/01/2014 07:01 PM, Rajnesh Kumar Siwal wrote: > >> It exposes the details of all the users/admins in the environment. >> There should be a user that the IPA should use to fetch the details from >> the IPA Servers. Without Authentication , no one should be able to fetch >> any information from the IPA Server. >> > > _______________________________________________ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users > -- Kind regards, Will Sheldon +1.(778)-689-4144
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
