Red Hat Directory Server search changing

Please let me know if it is possible to restrict the directory service to allow anonymous search of the directory users but disable enumeration (listing) of all the users in the directory.

We have an existing setup and I am not an expert on this product.





You can set anonymous-specific limits. For example:

Create a template entry to specify limits for anonymous.

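# Template entry read for anonymous binds; nsSizeLimit caps entries returned per search
dn: cn=anonymous-limits,dc=example,dc=com
objectClass: top
objectClass: nsContainer
cn: anonymous-limits
nsSizeLimit: 50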

and set nsslapd-anonlimitsdn (under cn=config) to the above template entry.

nsslapd-anonlimitsdn: cn=anonymous-limits,dc=example,dc=com

With the above configuration, the maximum number of entries returned for an anonymous query would be 50.

Refer: (Check section nsslapd-anonlimitsdn)

Hope this helps.
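
One way to confirm the limit takes effect, as an added example that is not part of the original thread: it counts the entries an anonymous `ldapsearch` returns and compares them with the limit of 50. The sample output is constructed, and `LDAP_URI` is a placeholder for your server.

```shell
#!/usr/bin/env bash
# Check that an anonymous search is capped at the configured size limit.
LIMIT=50                      # limit from the answer above
BASE="dc=example,dc=com"      # suffix from the answer above

# Count entries in `ldapsearch -LLL` output on stdin: one "dn:" (or base64
# "dn::") line per entry; folded continuation lines start with a space.
count_entries() { grep -c '^dn:' || true; }

# $1 = ldapsearch exit status. OpenLDAP's ldapsearch exits with the LDAP
# result code: 0 = success, 4 = sizeLimitExceeded (result was truncated).
check_anon_limit() {
  local rc=$1 n
  n=$(count_entries)
  if [ "$n" -gt "$LIMIT" ]; then
    echo "FAIL: anonymous search returned $n entries (limit $LIMIT)"; return 1
  fi
  case "$rc" in
    0) echo "OK: $n entries, within the limit" ;;
    4) echo "OK: truncated at $n entries (sizeLimitExceeded)" ;;
    *) echo "ERROR: ldapsearch exited with $rc"; return 2 ;;
  esac
}

# Constructed sample: $1 entries as `ldapsearch -LLL ... dn` prints them.
sample_output() {
  local i
  for i in $(seq 1 "$1"); do
    printf 'dn: uid=user%d,ou=People,%s\n\n' "$i" "$BASE"
  done
}

# Live use against a server (LDAP_URI is a placeholder you must set):
#   out=$(ldapsearch -x -H "$LDAP_URI" -b "$BASE" -LLL '(objectClass=*)' dn); rc=$?
#   printf '%s\n' "$out" | check_anon_limit "$rc"

sample_output 50  | check_anon_limit 4          # limit enforced
sample_output 120 | check_anon_limit 0 || true  # limit not applied
```

The size limit caps each anonymous search; which entries and attributes anonymous can read at all is governed by the directory's access control instructions.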