Red Hat Directory Server search changing
Hi,
Please let me know if it is possible to restrict the directory service to allow anonymous search of the Directory users but disable enumeration (listing) of all the users in the directory.
We have an existing setup and I am not an expert on this product.
Regards,
Ben
Responses
You can set anonymous-specific limits, for example:
Create a template entry to specify limits for anonymous.
dn: cn=anonymous-limits,dc=example,dc=com
objectClass: top
objectClass: nscontainer
nsslapd-sizelimit: 50
and set nsslapd-anonlimitsdn (under cn=config) to the above template entry.
nsslapd-anonlimitsdn: cn=anonymous-limits,dc=example,dc=com
With the above configuration, the maximum number of entries returned for an anonymous query would be 50.
Refer: https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/8.2/html/Configuration_and_Command-Line_Tool_Reference/Core_Server_Configuration_Reference.html (check section 3.1.1.20, nsslapd-anonlimitsdn)
Hope this helps.
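A check for the configuration described in the reply above, as an added example that is not part of the original reply: it runs an anonymous search and confirms the server stops at the limit. It assumes the OpenLDAP `ldapsearch` client and its output format; the function names and the URI in the usage comment are placeholders, and the sample output is constructed.

```shell
#!/bin/sh
# Added example: verify that anonymous searches are capped by the server.
# Assumption: OpenLDAP ldapsearch (default output, which ends with
# "result: <code> <text>" and "# numEntries: <n>").

# anon_search URI BASE: anonymous bind (-x with no -D/-w), no client-side
# size limit (-z 0), return DNs only (attribute list "1.1").
anon_search() {
    ldapsearch -x -H "$1" -b "$2" -z 0 '(objectClass=*)' 1.1
}

# check_anon_cap LIMIT: reads ldapsearch output on stdin.
#   exit 0  server stopped with result 4 (sizeLimitExceeded) within LIMIT
#   exit 1  more than LIMIT entries came back: the cap is not enforced
#   exit 2  inconclusive (search finished under LIMIT, or no result line)
check_anon_cap() {
    awk -v limit="$1" '
        /^result: /       { code = $2 + 0; seen = 1 }
        /^# numEntries: / { n = $3 + 0 }
        END {
            if (!seen)         { print "no result line found"; exit 2 }
            if (n > limit + 0) { print "NOT capped: " n " entries returned"; exit 1 }
            if (code == 4)     { print "capped: " n " entries, result 4"; exit 0 }
            print "inconclusive: " n " entries, result " code
            exit 2
        }'
}

# Constructed sample of what a capped anonymous search prints (entries elided).
sample_capped_output() {
    cat <<'EOF'
# extended LDIF
dn: uid=user1,ou=People,dc=example,dc=com

# search result
search: 2
result: 4 Size limit exceeded

# numResponses: 51
# numEntries: 50
EOF
}

# Offline demonstration on the constructed sample:
sample_capped_output | check_anon_cap 50
# Against a live server (placeholder URI):
#   anon_search ldap://ds.example.com dc=example,dc=com | check_anon_cap 50
```

Run the same search with an authenticated bind afterwards to confirm the limit applies only to anonymous clients.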
