On 01/28/2014 03:33 PM, Guillermo Fuentes wrote: > > Hello, > > > > We are deploying FreeIPA (which it's a great project BTW) as our > Identity Management System. As we don't want any info from the > directory to be publically available, we tried disabling anonymous > binds but it breaks UI logins on Macs (10.8.5 and 10.9.1) > > > > FreeIPA logs show that OS X retrieves attributes using anonymous bind > and when it's disabled it logs: > > ... authzid="(null)", anonymous search not allowed > > > > Has anyone been able to get this setup working properly? >
You need to look on the Mac side. It seems that in the configuration you used Mac tries to do a lookup after anonymous bind. It might be that you need to configure a special account on Mac to be able to work around this issue. > > > Thanks in advance, > > Guillermo > > > > _______________________________________________ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users -- Thank you, Dmitri Pal Sr. Engineering Manager for IdM portfolio Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
