Anonymous Access to LDAP

It's mandatory to allow anonymous access to the LDAP's information. This can be done through the ADSI Edit in the Configuration connection point.

1. Rigth click over the following entrance and select Properties;

   CN=Configuration, CN=Services, CN=Windows NT, CN=Directory Service
   

   Figure 1.27: Configuration Connection Point - dsHeuristics

   

2. Edit the variable named dsHeuristics:
   • If not set change it to - 0000002
   • If set to 001 change it to - 0010002
3. Click OK
4. Click OK

Then you must configure the Access Lists at OU=auto.home:

1. At ADSI Edit confirm that the connection point is Domain;
2. Select the OU=auto.home entry and right click;

   Figure 1.28: Domain Connection Point - OU=auto.home

   

3. Select Properties and choose Security;
4. Add an entry with the following information:
   • Add: ANONYMOUS LOGON : Check: Read

     Figure 1.29: ANONYMOUS LOGON

     

     Figure 1.30: Check: Read

     

   • Advanced
   • Select the line ANONYMOUS LOGON
   • Change Apply into: This object and all child objects

     Figure 1.31: ANONYMOUS LOGON - This object and all child objects

     

   • Confirm all with OK

Atention: Anonymous logon permissions should be defined only for OU=auto.home and his childs.