[RFE] Allow BIND without a target entry

[389-ds-bot]

Cloned from Pagure issue: https://pagure.io/389-ds-base/issue/593

• Created at 2013-02-21 01:15:12 by nkinder (@nkinder)
• Closed at 2020-04-22 16:35:39 as wontfix
• Assigned to nobody

---

Allow authentication without an entry

• If just using the directory server for authentication, want to allow the directory server to authenticate identities
• This is mostly applicable for non-password based auth, or cases where the directory server is not the credential store
• For example, cert based auth; SASL auth (GSSAPI, other cases where you pass off the auth decision to sasl), PAM pass through, other types of pass through auth
• In this case, you want to allow the auth even if there is no user entry
• this probably wouldn't work for simple auth (no user entry to retrieve userPassword from)
• Need to be able to use access control, resource limits, groups/roles, CoS, with these user identities

[389-ds-bot]

Comment from nkinder (@nkinder) at 2017-02-11 22:57:38

Metadata Update from @nkinder:

• Issue set to the milestone: FUTURE

[389-ds-bot]

Comment from firstyear (@Firstyear) at 2017-04-04 05:00:29

Is this still relevant @nkinder ?

[389-ds-bot]

Comment from firstyear (@Firstyear) at 2017-04-04 05:00:33

Metadata Update from @Firstyear:

• Custom field reviewstatus adjusted to new
• Issue close_status updated to: None

[389-ds-bot]

Comment from mreynolds (@mreynolds389) at 2020-04-22 16:35:41

Metadata Update from @mreynolds389:

• Custom field reviewstatus adjusted to None (was: new)
• Issue close_status updated to: wontfix
• Issue status updated to: Closed (was: Open)