Closed ValkyrieOps closed 4 years ago
Hi @ValkyrieOps , if you have set this up correctly, I think the fact that your password is not set and you can log in is the reflection of the fact that empty password is fine for LDAP too. This plugin does nothing but it translates auth requests to LDAP so if empty password is fine for LDAP, it is fine for this plugin too. I would have to triple check this but at first it seems as the very reason you see this.
@smiklosovic You are correct sorry for the trouble. Turns out we had user groups restricted for authentication but AD permits anonymous binding by default. Thanks again!
Please answer these questions before submitting your issue. Thanks!
What version of Cassandra are you using?
3.11.5
What version of Cassandra LDAP are you using?
3.11.4
What LDAP server you are using? Any specifics?
Windows Server 2019
What did you do?
Run
cqlsh -u ourdomainuser ourcassandrahost --cqlversion="3.4.4"
When prompted for password just hit returnWhat did you expect to see?
Authentication fails with blank password
What did you see instead?
Authentication succeeds to any user specified, including one's that have never logged in before
Not sure if this is an errant configuration with our Domain however anonymous binding is not supported. Please let me know if there is any other information I can provide here.