I have a question regarding the best way to set rights for LDAP searches
in our tree. Currently we have it set where a search can be done at the
root of the tree. The problem is that we need to limit access to
certain containers within our tree to the vast majority of users. We
have tried setting up a proxy user and removing the assigned rights of
this user for the containers that we do not want them to access. When
this didn't work, we realized that the rights are still being inherited
through the rights assigned by Public.

We can remove the rights to public which will correct the problem of our
proxy user, but it creates another issue with scripts that are being ran
against LDAP. Apparently pamldap likes to do anonymous binds...

Does anyone have any suggestions on how this can be addressed? Any
suggestions would be greatly appreciated.

Angel Howard