Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: ldap (oid) name resolution security !

Re: ldap (oid) name resolution security !

From: <yong321_at_yahoo.com>
Date: 13 Jan 2006 11:33:42 -0800
Message-ID: <1137180822.057018.236130@f14g2000cwb.googlegroups.com> 





zejeanmi_at_gmail.com wrote:


>

> Have you been able to make ldap naming work without anonymous bind ?




You're right. I can't disable it and continue to use LDAP for name
resolution. Perhaps the next version of Oracle Net will allow us to
store username and password (encrypted) in ldap.ora so we can disable
anonymous bind.



The security risk is comparable to a DNS server zone transfer. Speaking
of that, future methods of Oracle Net name resolution may be RR records
of DNS. If Oracle gives up on LDAP in favor of that (as they gave up on
Names server in favor of LDAP), then we won't have to worry about LDAP
anonymous bind.



Can you open a Tar, or file a feature enhancement request?



Yong Huang
Received on Fri Jan 13 2006 - 13:33:42 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US