I had to enable this option, because FreeIPA 4 doesn't make group membership visible to anonymous binds. The documentation for this option says:
This directive should only be used when your LDAP server doesn't accept anonymous comparisons and you cannot use a dedicated AuthLDAPBindDN. I've been trying to think of a way in which creating an additional LDAP user, just for this purpose, and storing its password in cleartext in a configuration file is a better option. I can't come up with anything. Does anyone know why this option is discouraged? -- ======================================================================== Ian Pilcher arequip...@gmail.com -------- "I grew up before Mark Zuckerberg invented friendship" -------- ======================================================================== --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
