
LDAP's full of secrets. It's a great way to keep tabs on what's going on in a company. And to think that you can get nearly all of it with anonymous access.

Team or department mergers before they were announced? Yep, I've caught those. Secret mailing lists for internal projects? Check who's a member and you can ferret out what's going on. Bonus if the list mail address gives some of it away.

`ldapsearch` is good if you know your way around LDAP. Apache LDAP Studio is a great UI tool if you just want to explore.

Everyone should know enough about LDAP to build a login service that binds against it for internal apps. You can exploit the groups the sys admins maintain to control permissions in your app. It's very powerful and an easy way to get up and running in no time.
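The login service the comment describes, as an added example that is not part of the thread: search for the user's DN with a service identity, bind as that DN with the submitted password, then gate on a group the admins maintain. The directory here is an in-memory stand-in constructed for the demo so it runs offline; python-ldap or ldap3 would sit behind the same two calls. The base DN, attribute names, group names and passwords are assumptions. Two details matter more than the happy path: the username must be escaped before it goes into the search filter, and an empty password must be rejected before the bind, because a DN with an empty password is an unauthenticated (anonymous) bind on standards-following servers (RFC 4513 section 5.1.2), which "succeeds".

```python
"""LDAP-backed login: search for the user's DN with a service identity, then
bind as that DN with the submitted password, then gate on group membership.
The directory is an in-memory stand-in (constructed here) so the logic runs
offline; python-ldap or ldap3 would sit behind the same search()/bind() calls.
Base DN, attribute names, group names and passwords are assumed for the demo."""
import re

BASE_DN = "dc=example,dc=com"  # assumed base DN for the illustration

# RFC 4515 escaping for values placed inside a search filter. Without it a
# username such as  *)(uid=*  rewrites the filter instead of matching a literal.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}


def escape_filter_value(value: str) -> str:
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_user_filter(username: str) -> str:
    return f"(uid={escape_filter_value(username)})"


class FakeDirectory:
    """Stand-in for the LDAP server (constructed for the demo). search() only
    understands a single equality filter on uid, bind() compares the stored
    password. It reproduces one real-server behaviour on purpose: a DN with an
    EMPTY password is accepted as an unauthenticated bind (RFC 4513 s5.1.2),
    the classic login bypass when the application forgets to check."""

    _UID_FILTER = re.compile(r"^\(uid=((?:[^()*\\]|\\[0-9a-fA-F]{2})*)\)$")

    def __init__(self, entries):
        self.entries = entries  # dn -> {attribute: [values]}

    @staticmethod
    def _unescape(value):
        return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)

    def search(self, base, filter_str, attrs):
        m = self._UID_FILTER.match(filter_str)
        if m is None:
            raise ValueError("unsupported or malformed filter: " + filter_str)
        uid = self._unescape(m.group(1))  # escaped bytes become a literal value
        return [(dn, {a: e.get(a, []) for a in attrs})
                for dn, e in self.entries.items()
                if dn.lower().endswith(base.lower()) and e.get("uid") == [uid]]

    def bind(self, dn, password):
        if password == "":
            return True  # unauthenticated bind: "succeeds" as anonymous
        e = self.entries.get(dn)
        return e is not None and e.get("userPassword") == [password]


def authenticate(directory, username, password, required_group=None):
    """Return the user's DN on success, None on any failure (fail closed)."""
    if not username or not password or "\0" in username:
        return None  # an empty password would turn the bind into an anonymous one
    results = directory.search(BASE_DN, build_user_filter(username), ["memberOf"])
    if len(results) != 1:
        return None  # no match, or an ambiguous match: both fail
    dn, attrs = results[0]
    if not directory.bind(dn, password):
        return None
    if required_group is not None:
        # memberOf is server-maintained (AD natively, OpenLDAP via the memberof
        # overlay); DN comparison is simplified to lowercase here.
        groups = {g.lower() for g in attrs.get("memberOf", [])}
        if required_group.lower() not in groups:
            return None
    return dn


# Constructed sample directory for the demo.
DIRECTORY = FakeDirectory({
    "uid=alice,ou=people,dc=example,dc=com": {
        "uid": ["alice"], "userPassword": ["correct horse"],
        "memberOf": ["cn=app-admins,ou=groups,dc=example,dc=com"]},
    "uid=bob,ou=people,dc=example,dc=com": {
        "uid": ["bob"], "userPassword": ["hunter2"], "memberOf": []},
})
ADMINS = "cn=app-admins,ou=groups,dc=example,dc=com"

if __name__ == "__main__":
    print(authenticate(DIRECTORY, "alice", "correct horse", ADMINS))  # alice's DN
    print(authenticate(DIRECTORY, "bob", "hunter2", ADMINS))          # None: not in group
    print(authenticate(DIRECTORY, "alice", ""))                       # None: empty password
    print(authenticate(DIRECTORY, "*)(uid=*", "x"))                   # None: escaped, no such uid
```

In production the bind carries the password in clear unless the connection is LDAPS or StartTLS, and the service account used for the initial search needs only read on the user and group attributes, not the broad read the rest of the thread complains about.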



I'm still flabbergasted when a company lets me index their entire AD tree as a random (or, holy crap, anonymous) user. Very nice of them, but still.

It's also often the only way to get information that doesn't exist in an Intranet page, like, literally what teams are there in IT, where are their offices, who's somebody's manager, and of course, what distribution lists am I not on that some other user is on that's causing one of us to have issues accessing some internal company portal.
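What you do with a dump once you have it, as an added example that is not from the thread: post-process the LDIF that `ldapsearch -x -LLL -b <base> '(objectClass=*)'` writes to answer exactly the questions in this comment and the first one (who reports to whom, where someone sits, which distribution lists exist, who is on them, and whether the list address gives the project away). SAMPLE_LDIF is constructed for the demo; the attribute names follow Active Directory (manager, member, mail, physicalDeliveryOfficeName) but the domain, people and list are made up.

```python
"""Post-processing an LDIF dump of the kind `ldapsearch -x -LLL` produces.
SAMPLE_LDIF is constructed for the demo; attribute names follow Active
Directory, the domain, people and list are invented."""
import base64
from collections import defaultdict

SAMPLE_LDIF = """\
dn: CN=Alice Adams,OU=Users,DC=corp,DC=example
cn: Alice Adams
title: VP Engineering
mail: alice@corp.example

dn: CN=Bob Brown,OU=Users,DC=corp,DC=example
cn: Bob Brown
title: Engineering Manager
manager: CN=Alice Adams,OU=Users,DC=corp,DC=example
physicalDeliveryOfficeName:: QnVpbGRpbmcgNywgM3JkIGZsb29y

dn: CN=Carol Chen,OU=Users,DC=corp,DC=example
cn: Carol Chen
manager: CN=Bob Brown,OU=Users,DC=corp,DC=example
description: long values are folded by ldapsearch onto continuation
  lines that start with a single space

dn: CN=proj-phoenix,OU=Distribution Lists,DC=corp,DC=example
cn: proj-phoenix
mail: phoenix-acquisition@corp.example
member: CN=Alice Adams,OU=Users,DC=corp,DC=example
member: CN=Carol Chen,OU=Users,DC=corp,DC=example
"""


def parse_ldif(text):
    """Minimal LDIF reader (RFC 2849 content records): unfolds continuation
    lines, decodes '::' base64 values, keeps multi-valued attributes in order.
    Returns {dn: {attribute: [values]}}. Change records and ':<' URLs are not handled."""
    unfolded = []
    for raw in text.splitlines():
        if raw.startswith(" ") and unfolded:
            unfolded[-1] += raw[1:]  # continuation: drop the one leading space
        else:
            unfolded.append(raw)
    entries, dn, attrs = {}, None, None
    for line in unfolded + [""]:  # trailing "" flushes the last record
        if not line.strip():
            if dn is not None:
                entries[dn] = dict(attrs)
            dn, attrs = None, None
            continue
        if line.startswith("#"):
            continue
        name, _, value = line.partition(":")
        if value.startswith(":"):  # "attr:: <base64>" (non-ASCII or leading space)
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        else:
            value = value.strip()
        if name == "dn":
            dn, attrs = value, defaultdict(list)
        else:
            attrs[name].append(value)
    return entries


def manager_chain(entries, dn):
    """Follow 'manager' upward from dn; stops at the top, a cycle, or a DN not in the dump."""
    chain, seen = [], set()
    while dn in entries and dn not in seen:
        seen.add(dn)
        chain.append(dn)
        managers = entries[dn].get("manager")
        if not managers:
            break
        dn = managers[0]
    return chain


def distribution_lists(entries):
    """Anything carrying 'member' is a group or list: {list dn: {"mail": ..., "members": [...]}}."""
    return {dn: {"mail": (e.get("mail") or [None])[0], "members": list(e["member"])}
            for dn, e in entries.items() if "member" in e}


def lists_containing(entries, member_dn):
    """The lists a given person is on (compare with your own to find the one you are missing)."""
    return sorted(dn for dn, info in distribution_lists(entries).items()
                  if member_dn in info["members"])


if __name__ == "__main__":
    entries = parse_ldif(SAMPLE_LDIF)
    carol = "CN=Carol Chen,OU=Users,DC=corp,DC=example"
    print(" -> ".join(manager_chain(entries, carol)))
    for dn, info in distribution_lists(entries).items():
        print(dn, info["mail"], len(info["members"]), "members")
```

The same pass over a real dump is where the "team merger before it was announced" comes from: a new list whose mail address names the project, whose members span two departments, created before anyone mentioned it.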


It has to be public (or at least not too locked down) or things like Address Book in outlook would stop working. Lots of weird things depend on the LDAP tree being broadly accessible. It's just that it leaks more information than most people think.


Still, it's a tool made for another era. It would be sufficient to let it return one search result at a time, or complete specified group aliases, in order to work for groupware clients. Applications mostly need to authenticate a specific user.

The ability to walk the tree is something else. Just like we don't allow zone transfers for dns anymore, there should have been similar best practice changes to ldap if people just gave it some love.
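What the "no tree walk" best practice looks like on a server that lets you express it, as an added example that is not from the thread: OpenLDAP cn=config fragments with the weak access rule beside a corrected one. The database DN `olcDatabase={1}mdb,cn=config` is an assumption for the illustration and must match the deployment.

```ldif
# Added example, not from the thread. OpenLDAP (slapd) cn=config fragments.
# Assumption: the directory lives in olcDatabase={1}mdb,cn=config.

# WEAK: the rule that makes the whole tree walkable by anyone. Passwords are
# protected, but everything else is readable by anonymous, and nothing caps
# how much a single "(objectClass=*)" search may return.
dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to attrs=userPassword by self write by anonymous auth by * none
olcAccess: {1}to * by * read

# HARDENED: anonymous connections may still bind (the "auth" privilege on
# userPassword is all a simple bind needs), but cannot read or search; only
# authenticated users read. Anonymous searches are additionally capped at one
# entry, and a global size limit bounds even an authenticated dump, the LDAP
# equivalent of refusing AXFR while still answering single queries.
dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to attrs=userPassword by self write by anonymous auth by * none
olcAccess: {1}to * by users read by anonymous none
-
replace: olcLimits
olcLimits: {0}anonymous size.soft=1 size.hard=1

dn: cn=config
changetype: modify
replace: olcDisallows
olcDisallows: bind_anon
-
replace: olcSizeLimit
olcSizeLimit: 500
```

Apply with `ldapmodify -Y EXTERNAL -H ldapi:///` on the server. Address-book clients then have to bind as a user before they can complete names, which is what they do against Active Directory anyway: AD has refused anonymous LDAP operations other than rootDSE reads by default since Windows Server 2003, so the "random user" case in the thread is the common one there, and the equivalent fix is trimming the read ACLs granted to Authenticated Users rather than a bind setting.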


> Everyone should know enough about LDAP to build a login service that binds against it for internal apps. You can exploit the groups the sys admins maintain to control permissions in your app. It's very powerful and an easy way to get up and running in no time.

Sure, if you want to be the next SolarWinds.





