I have recently installed openldap 2.4.42 and disabled anonymous login using the following content in ldif file.
dn: cn=config changetype: modify add: olcDisallows olcDisallows: bind_anon
dn: cn=config changetype: modify add: olcRequires olcRequires: authc
dn: olcDatabase={-1}frontend,cn=config changetype: modify add: olcRequires olcRequires: authc
I can even see access to dn.base="" by * read in slapd.conf file Now, I have a application(wordpress blog) which is trying to connect to LDAP server using anonymous login and failing because of that reason. I tried few options but none of them are working. Can someone help me out on how to re-enable the LDAP anonymous login.
Thanks in advance
What type of configuration are you using ? slapd.conf or slapd.d/ folder ? You cannot use both at the same time. Drop added olcDisallows & olcRequires configuration if you use slapd.d/ folder configuration. Or delete countrepart settings from slapd.conf file (disallow & require) if you use slapd.conf configuration file.
To delete what you said you added to activate this behavior, ie with an LDIF file for example:
dn: cn=config
changetype: modify
delete: olcDisallows
olcDisallows: bind_anon
-
dn: cn=config
changetype: modify
delete: olcRequires
olcRequires: authc
-
dn: olcDatabase={-1}frontend,cn=config
changetype: modify
delete: olcRequires
olcRequires: authc
You should also verify that targeted anonymous access is allowed by database ACLs (olcAccess parameter)