To enable anonymous or guest user to access the Identity Self-Service features of the User Application, follow the steps outlined in Table 2-3.
Table 2-3 Setting Up Anonymous Access
There are two ways to support anonymous or guest access to the User Application. You can:
Setup a dedicated user account. Set up the permissions that are needed for the activities of that anonymous user. Remember that if this user is inside the user container, this guest account is returned during searches of the tree. To prevent this, consider putting the guest user outside the user container.
Use the public LDAP guest account that corresponds to the [Public] object in eDirectory. The default access for [Public] is Browse rights to the entire tree. You must set up whatever permissions are necessary for this user to perform the guest tasks you provide. If you do not want all anonymous users to perform some of these tasks, this might not be the correct option for your installation.
The User Application allows you to specify only one type of anonymous user, and you are required to specify that user during installation. The installation options are:
Use Public Anonymous Account: This uses the LDAP guest account.
LDAP Guest: This is the dedicated user account.
You can modify your installation choice by running the configupdate utility after the installation is complete.