Re: How to disable anonymous access for embedded ApacheDS

2012/11/23 Kiran Ayyagari the branch to which you want to add the prescriptiveACI > add the attribute administrativeRole with the value > accessControlSpecificArea > Thanks! How to write ACI to allow to read only own userPassword field? -- Regards, Eugene Prokopiev

Re: How to disable anonymous access for embedded ApacheDS

the branch to which you want to add the prescriptiveACI add the attribute administrativeRole with the value accessControlSpecificArea On Fri, Nov 23, 2012 at 1:20 PM, Eugene Prokopiev wrote: > The problem is \"enableSearchForAllUsers\" substring, backslashes are not > needed. > > Now I have anot

Re: How to disable anonymous access for embedded ApacheDS

The problem is \"enableSearchForAllUsers\" substring, backslashes are not needed. Now I have another problem: $ ldapadd -h localhost -p 10389 -D "uid=admin,ou=system" -W -f aci.ldif Enter LDAP Password: adding new entry "cn=enableSearchForAllUsers,dc=home" ldap_add: No such attribute (16)

Re: How to disable anonymous access for embedded ApacheDS

looks like the lack of precedence value in user permissions is causing this try this(note that the only addition is 'precedence 1,') { identificationTag "enableSearchForAllUsers", precedence 11, authenticationLevel simple, itemOrUserFirst userFirst: { userClasses { allU

Re: How to disable anonymous access for embedded ApacheDS

I tried to allow search for all users as described in http://directory.apache.org/apacheds/1.5/enablesearchforallusers.html: $ ldapadd -h localhost -p 10389 -D "uid=admin,ou=system" -W -f aci.ldif Enter LDAP Password: adding new entry "cn=enableSearchForAllUsers,dc=home" ldap_add: Invalid syntax (

Re: How to disable anonymous access for embedded ApacheDS

2012/11/22 Kiran Ayyagari > try after calling > > directory.setAccessControlEnabled(true); > Thanks, it helps. How I have new tasks: 1) how to change default admin password? 2) how to define ACLs which looks like: access to attrs=userPassword by self write by anonymous auth by * n

Re: How to disable anonymous access for embedded ApacheDS

2012/11/22 Pierre-Arnaud Marcelot > > It should be complicated to disable anonymous access on 2.0. > Is possible to restrict anonymous read access only to userPassword field and write access for anybody except admin account? How can I implement with ApacheDS something like: access to attrs=use

Re: How to disable anonymous access for embedded ApacheDS

try after calling directory.setAccessControlEnabled(true); On Thu, Nov 22, 2012 at 6:39 PM, Eugene Prokopiev wrote: > Hi, > > Is it possible to disable anonymous access for embedded ApacheDS? I tried > to do this: > > public class Application { > public static void main(String[] args) throw

Re: How to disable anonymous access for embedded ApacheDS

Hi Eugene, You'd rather use ApacheDS 2.0. Even if we're still only releasing milestone versions (and the documentation is mostly lacking), it's way better than using any other older version. It should be complicated to disable anonymous access on 2.0. Regards, Pierre-Arnaud On 22 nov. 2012,

How to disable anonymous access for embedded ApacheDS

Hi, Is it possible to disable anonymous access for embedded ApacheDS? I tried to do this: public class Application { public static void main(String[] args) throws Exception { DirectoryService directory = new DefaultDirectoryService(); directory.startup(); LdapServer ld