![]() ![]() ![]() It looks like the user specified is being authenticated successfully without a password, although we are not being authenticating as that user at all. But it still didn't explain why the user could bind without a password. Without granting permissions to this account, no data was going to be inadvertently disclosed. This is the same result as performing an anonymous bind. Looking back at the logon result, it did indeed show I was authenticated as the built-in account 'NT AUTHORITY\ANONYMOUS LOGON'. Server error: 000004DC: LdapErr: DSID-0C090752, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580Įrror 0x4DC The operation being requested was not performed because the user has not been authenticated. ![]() Ldap_search_s(ld, "DC=lithnet,DC=local", 2, "uid=ryan", attrList, 0,
0 Comments
Leave a Reply. |