Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: ldap (oid) name resolution security !

Re: ldap (oid) name resolution security !

From: <yong321_at_yahoo.com>
Date: 13 Jan 2006 11:33:42 -0800
Message-ID: <1137180822.057018.236130@f14g2000cwb.googlegroups.com>


zejeanmi_at_gmail.com wrote:
>
> Have you been able to make ldap naming work without anonymous bind ?

You're right. I can't disable it and continue to use LDAP for name resolution. Perhaps the next version of Oracle Net will allow us to store username and password (encrypted) in ldap.ora so we can disable anonymous bind.

The security risk is comparable to a DNS server zone transfer. Speaking of that, future methods of Oracle Net name resolution may be RR records of DNS. If Oracle gives up on LDAP in favor of that (as they gave up on Names server in favor of LDAP), then we won't have to worry about LDAP anonymous bind.

Can you open a Tar, or file a feature enhancement request?

Yong Huang Received on Fri Jan 13 2006 - 13:33:42 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US