I’ve configured a server to use LDAP authentication and checking the LDAP server configuration I disabled the acceptance of anonymous Bind Requests.
Once I did this, KDE started asking for LDAP credentials (like a login), so I suppose it’s using anonymous Bind Requests to retrieve information from the server.
I find that window requesting LDAP credentials a bit annoying but at the same time I’d like to avoid anonymous Bind Requests.
In fact it’s a server in a small network and LDAP is being used locally only (local authentication on the system, ftp authentication and web site access authentication). LDAP ports are closed on the firewall and they’re not forwarded on the router.
I don’t foresee any need to access the LDAP directory from outside, so I believe the ports will remain closed.
Ok, in that case I think there’s no reason to worry too much, because I have in deed configured TLS.
There’s one thing, though, that keeps me puzzled. If I uncheck the LDAP option on the YAST LDAP server (leaving the LDAPS checked), even if I tell the YAST LDAP client to connect using TLS, it’ll say that it cannot connect! Any idea?