Simple Password - Netscape DIRECTORY SERVER 6.0 - DEPLOYMENT Deployment Manual


Selecting Appropriate Authentication Methods
Deny access if the user provides any non-null string for the password
For example, consider the following ldapsearch command:
% ldapsearch -D "cn=joe" -w secretpwd -b "example.com" cn=joe
Although the directory allows anonymous access for read, Joe cannot access his
own entry because it does not contain a password that matches the one he
provided in the ldapsearch command.

Simple Password

If you have not set up anonymous access, you must authenticate to the directory
before you can access the directory contents. With simple password authentication,
a client authenticates to the server by sending a simple, reusable password.
For example, a client authenticates to the directory via a bind operation in which it
provides a distinguished name and a set of credentials. The server locates the entry
in the directory that corresponds to the client DN and checks whether the
password given by the client matches the value stored with the entry. If it does, the
server authenticates the client. If it does not, the authentication operation fails and
the client receives an error message.
The bind DN often corresponds to the entry of a person. However, some directory
administrators find it useful to bind as an organizational entry rather than as a
person. The directory requires the entry used to bind to be of an object class that
allows the userPassword attribute. This ensures that the directory recognizes the
bind DN and password.
Most LDAP clients hide the bind DN from the user because users may find the long
strings of DN characters hard to remember. When a client attempts to hide the bind
DN from the user, it uses a bind algorithm such as the following:
1. The user enters a unique identifier such as a user ID (for example, fchen).
2. The LDAP client application searches the directory for that identifier and
   returns the associated distinguished name (such as
   uid=fchen,ou=people,dc=example,dc=com).
3. The LDAP client application binds to the directory using the retrieved
   distinguished name and the password supplied by the user.
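
The three-step flow above, as an added Python example that is not part of the original manual. It runs against a small in-memory stand-in for the directory; the entries, passwords and the function names uid_filter, search, simple_bind and login are assumptions made for illustration. It adds the checks a client should make: escape the typed identifier before it goes into the search filter, require exactly one match, and refuse an empty password.

```python
import hmac
import re

# Constructed sample entries standing in for the directory (not real data).
ENTRIES = {
    "uid=fchen,ou=people,dc=example,dc=com": {"uid": "fchen", "userPassword": "constructed-pw-1"},
    "uid=fcho,ou=people,dc=example,dc=com": {"uid": "fcho", "userPassword": "constructed-pw-2"},
    "ou=people,dc=example,dc=com": {"ou": "people"},  # no userPassword attribute
}
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def uid_filter(user_id):
    """Step 2 input: build (uid=...) with RFC 4515 escaping of the typed value."""
    return "(uid=" + "".join(_ESCAPES.get(c, c) for c in user_id) + ")"

def _unescape(value):
    """Turn RFC 4515 \\XX escapes back into literal characters."""
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda h: chr(int(h.group(1), 16)), value)

def search(ldap_filter):
    """Toy server search: understands only (uid=value); a bare * is a wildcard."""
    m = re.fullmatch(r"\(uid=([^()]*)\)", ldap_filter)
    if not m:
        return []
    pattern = ".*".join(re.escape(_unescape(p)) for p in m.group(1).split("*"))
    return [dn for dn, attrs in ENTRIES.items()
            if "uid" in attrs and re.fullmatch(pattern, attrs["uid"])]

def simple_bind(dn, password):
    """Toy server bind: compare the supplied password with the entry's userPassword."""
    stored = ENTRIES.get(dn, {}).get("userPassword")
    if stored is None:
        return False  # entry has no userPassword, so it cannot be used to bind
    return hmac.compare_digest(stored.encode(), password.encode())

def login(user_id, password):
    """Client flow from steps 1-3; returns the bound DN, or None on failure."""
    if not user_id or not password:
        # Many servers treat a bind with an empty password as anonymous and
        # report success, so the client must not count it as a login.
        return None
    matches = search(uid_filter(user_id))
    if len(matches) != 1:
        return None  # unknown or ambiguous identifier: never guess a DN
    dn = matches[0]
    return dn if simple_bind(dn, password) else None
```

Without the escaping in uid_filter, an identifier such as fch* would reach the server as a wildcard and match more than one entry; with it, the value is searched for literally and the login fails cleanly.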
Netscape Directory Server Deployment Guide • December 2001