On Tue, 2010-02-09 at 21:29 +0000, Joseph L. Casale wrote:
seems to me that permitting an anonymous bind to LDAP is inherently more secure than requiring a user/password combination so I don't think that your explanation is exactly true.
There are ways to create accounts just for this with reduced privileges. Research technet...
In Microsoft's view, the only systems querying LDAP would be systems automatically passing the authentication.
Wow, someone actually hacking on MS for expecting us to do things secure? What will they expect next:)
If they didn't and by default allowed anon binds, "someone" would surely say "Microsoft sucks, they don't expect us to do this securely, blah blah".
The topic is mute, lets save the list the despair of rehashing the severely hashed. From the point of view of some, MS will always suck. Changing the minds of that type of person isn't my interest, I was merely pointing out some facts surrounding the implementation of the topic at hand. Sorry for disagreeing with you:)
---- I just disagree with your parsing and conclusions.
I did not hack on MS for expecting us to do things securely nor did I say that preventing anonymous binds made it more secure. I think I actually said the opposite.
anonymous binds are just that - anonymous binds and there could easily be ACL's that govern what you can access without a user/password but I think Microsoft is after overall simplicity.
The topic would necessarily be 'moot' and not 'mute' and I was uncomfortable with the notion that you were chiding the OP for thinking that an anonymous bind was less secure - in most instances, it is a more secure option... especially for his usage. If he could bind anonymously, he could bind, let the user supply the account/password, authenticate and thus no account information would be necessary in the config files so it speaks directly to the OP's desires.
Better security.
Craig