DIRECTORY SERVICES
Anonymous LDAP search access and upgrades from previous releases
If you upgrade a server to IBM® Lotus® Domino® 6 or later, the LDAP service uses the LDAP anonymous access configuration from the previous release. If you create or edit the domain Configuration Settings document after updating the directory with the Lotus Domino 6 PUBNAMES.NTF design, the list of attributes allowed for anonymous access include the following attributes not listed in previous releases:
Attribute
Attribute
Attribute
Attribute
altServer
ditContentRules
namingContexts
subschemasubentry
attributeTypes
extendedAttributeInfo
o
supportedControl
c
extendedClassInfo
objectClass
supportedExtension
cn
l
objectClasses
supportedLDAPVersion
createTimestamp
ldapSyntaxes
ou
supportedSASLMechanisms
creatorsName
modifiersName
st
vendorname
dc
modifyTimestamp
street
vendorversion
These attributes were not listed in previous releases because you could not prevent anonymous LDAP access to them -- in previous releases anonymous LDAP users always had search access to these attributes. Starting with Lotus Domino 6, you can deny anonymous LDAP search access to the attributes above, although they are allowed for anonymous search access by default to be consistent with the anonymous search behavior of previous releases.
Related topics
Configuring anonymous LDAP search access to a directory
Using the domain Configuration Settings document to customize anonymous LDAP search access to a directory
Converting the default anonymous access settings to database ACL and extended ACL settings
Glossary
Feedback on
Help
or
Product Usability
?
Help on Help
All Help Contents
Glossary