CONFIGURING


Anonymous LDAP search access and upgrades from previous releases

If you upgrade a server, the LDAP service uses the LDAP anonymous access configuration from the previous release.

About this task

If you create or edit the domain Configuration Settings document after updating the directory with the new PUBNAMES.NTF design, the list of attributes allowed for anonymous access shown in the table are not included.

These attributes were not listed in previous releases because you could not prevent anonymous LDAP access to them -- in previous releases anonymous LDAP users always had search access to these attributes. Starting with version 6, you can deny anonymous LDAP search access to the attributes in the table, although they are allowed for anonymous search access by default to be consistent with the anonymous search behavior of previous releases.

Table 1. Anonymous Access Attributes Not Listed in Releases prior to Version 6
AttributeAttributeAttributeAttribute
altServerditContentRulesnamingContextssubschemasubentry
attributeTypesextendedAttributeInfoosupportedControl
cextendedClassInfoobjectClasssupportedExtension
cnlobjectClassessupportedLDAPVersion
createTimestampldapSyntaxesousupportedSASLMechanisms
creatorsNamemodifiersNamestvendorname
dcmodifyTimestampstreetvendorversion

Related concepts
Configuring anonymous LDAP search access to a directory

Related tasks
Using the domain Configuration Settings document to customize anonymous LDAP search access to a directory
Converting the default anonymous access settings to database ACL and extended ACL settings