Mac OS X Lion: Accepts any LDAP password.


Security issues, anyone? According to a recent post at, Mac OS X Lion has a major one. And one that could be a nightmare for network administrators everywhere. Here’s what has to say:

For some reason, Macs running Lion that use LDAP to authenticate users to shared resources work just fine for the initial login. After that point, Lion users can use any password and still log in.

Macs running older versions of OS X, Windows PCs, and Linux machines authenticate properly on the same LDAP servers, but the Lion machines exhibit the bad behavior. There are no security problems with Macs running Lion and logging into networks that use protocols other than LDAP.

So there you have it. Not good news for Apple. Certainly not good news for network administrators. Nor those employees who keep pressure their companies to get them Macs.


You can leave a response, or trackback from your own site.

Leave a Reply