Category Archives: computing

Posts in this category are about, or have something to do with, computing.

Terry Gardner passed away in December, 2013.  There will be no new posts to this blog, but I will leave the blog up because it is useful to others.  Signed, Denise, Terry’s wife.

Posted on by Terry Gardner | Leave a comment

LDAP: Hardening Server Security (so administrators can sleep at night)

Client Connections Limit the total number of concurrent sessions to the server and limit the number of concurrent sessions per client Set size-limit, lookthrough-limit, and time-limit per client appropriate to client requirements (be aware of the server’s default settings, often … Continue reading

Posted in computing, LDAP, UnboundID | Tagged , | 2 Comments

LDAP: Client Connection Policies

Introduction A Client Connection Policy controls the portions of the DIT a client can access and resource limits on what clients can do with data stored on the server. Clients are subject to one Client Connection Policy at a given … Continue reading

Posted in computing, LDAP, UnboundID | Tagged , , , | Leave a comment

LDAP: Administrative users

Introduction In an UnboundID LDAP directory server, the “Root DN” (root user) accounts have an extensive set of privileges in the default distribution of the server products; therefore the root DN account(s) should not be used in normal operation except … Continue reading

Posted in computing, LDAP, UnboundID | Tagged , , , , | Leave a comment

ldapmodify: be careful with attribute options

Clients must include the attribute options when using an attribute name following a mod-spec. Consider the following LDIF: # wrong dn: cn=test,c=us changetype: modify replace: your-attribute-name your-attribute-name;binary: binary-stuff your-attribute-name must contain the option (binary in this case). Here is the … Continue reading

Posted in computing, LDAP | Tagged , | Leave a comment