Rich Megginson wrote:
When you first log in to the console, and you type in your ID, the directory server has no credentials, and has to perform an anonymous search for uid=youruid to find your BIND DN. This is the same as when you log in to the operating system - pam has to do a search like uid=youruserid as anonymous to find your BIND DN. Not sure why selecting Use SSL in Console would fix that.
It does not /have/ to perform an anonymous bind, it can do a proxy bind. PAM supports this as well, just by providing it with a 'binddn' and 'bindpw' in /etc/ldap.conf.
The console should also support proxy authentication. -Brandon
-- 389 users mailing list 389-us...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
