dsconfig global configuration property for that:
$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password set-global-configuration-prop -X -n --set reject-unauthenticated-requests:true
Once you set the property, anonymous users trying to search for example will get an “Unwilling to perform” response from OpenDJ.
$ ldapsearch -p 1389 -b dc=example,dc=com uid=bjensen SEARCH operation failed Result Code: 53 (Unwilling to Perform) Additional Information: Rejecting the requested operation because the connection has not been authenticated
Of course users who authenticate first are unaffected.
$ ldapsearch -p 1389 -b dc=example,dc=com -D uid=bjensen,ou=people,dc=example,dc=com -w hifalutin uid=bjensen dn: uid=bjensen,ou=People,dc=example,dc=com uid: bjensen ...