On Wed, 23 Jul 2003, Jehan PROCACCIA wrote:
> Kent, Ian I. wrote:
> > Maybe.
> >
> > I will be using an anonymous (NULL basedn and password) connection for my LDAP
> > patch initially.
> > Are your automount maps confidential?
>
> No, they aren't.
> However, as OpenLDAP defaults, and more and more security defaults, are
> removing anonymous access, it doesn't work anymore if you keep with
> defaults!
>
> It is also a problem for OpenLDAP ACLs; today, with autofs looking up maps
> anonymously, I had to add a specific ACL:
>
> access to attr=uid,objectclass,entry,ou,automountInformation,cn
> by dn="^$$" read
>
Point taken.
>
> > What is the need to password protect them?
> > The only question is will a bind with NULL basedn and password work with LDAP v2
> > and v3 in general as well as OpenLDAP 2.0 and OpenLDAP 2.1?
>
> Why not implement a real binddn/bindpassword as it is in /etc/ldap.conf:

Where does /etc/openldap/ldap.conf fit in?
What if OpenLDAP is not the LDAP being used?
So are we saying best effort is adequate?

I'm having enough trouble to get my current patch stable. I have a basic
implementation for LDAP maps that adds support for direct map entries in
either the automountMap or nisMap LDAP schema. Basically I merged the
RedHat autofs v3 patch.

I will check it out further when the dust settles, not now.

>
> # The distinguished name to bind to the server with.
> # Optional: default is to bind anonymously.
> binddn cn=proxyuser,dc=example,dc=com
>
> # The credentials to bind with.
> # Optional: default is no credential.
> bindpw secret
Does this entry support encryption?
--
,-._|\ Ian Kent
/ \ Perth, Western Australia
*_.--._/ E-mail: [EMAIL PROTECTED]
v Web: http://themaw.net/
_______________________________________________
autofs mailing list
[EMAIL PROTECTED]
http://linux.kernel.org/mailman/listinfo/autofs
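
Added example (not part of the original message or of the autofs patch): a sketch of the LDAP simple BindRequest bytes for the two options discussed in this thread, the anonymous bind (empty DN and password) under protocol versions 2 and 3, and a bind using the sample `binddn`/`bindpw` values quoted above. The function names are hypothetical; the encoding follows RFC 4511 and handles short-form BER lengths only.

```python
"""BER encoding of an LDAP simple BindRequest (RFC 4511), short-form lengths only."""

def tlv(tag: int, value: bytes) -> bytes:
    """Encode one BER tag-length-value element with a one-byte length."""
    if len(value) > 127:
        raise ValueError("long-form BER lengths are not handled in this sketch")
    return bytes([tag, len(value)]) + value

def small_int(n: int) -> bytes:
    """Encode an INTEGER in the range 0..127 (enough for version and message ID)."""
    if not 0 <= n <= 127:
        raise ValueError("integer out of range for this sketch")
    return tlv(0x02, bytes([n]))

def bind_request(msg_id: int, version: int, dn: str = "", password: str = "") -> bytes:
    """LDAPMessage { messageID, [APPLICATION 0] BindRequest { version, name, simple } }."""
    op = small_int(version) + tlv(0x04, dn.encode()) + tlv(0x80, password.encode())
    return tlv(0x30, small_int(msg_id) + tlv(0x60, op))

def bind_kind(dn: str, password: str) -> str:
    """Classify a simple bind the way RFC 4513 section 5.1 does."""
    if not dn and not password:
        return "anonymous"
    if dn and not password:
        return "unauthenticated"
    if dn and password:
        return "name/password"
    return "undefined"  # password without a DN is not a defined mechanism

if __name__ == "__main__":
    # Sample values taken from the ldap.conf fragment quoted in the thread.
    dn, pw = "cn=proxyuser,dc=example,dc=com", "secret"
    for label, pkt in [
        ("anonymous v2", bind_request(1, 2)),
        ("anonymous v3", bind_request(1, 3)),
        ("binddn v3", bind_request(1, 3, dn, pw)),
    ]:
        print(f"{label:13} {pkt.hex()}")
    print("password visible in request:", pw.encode() in bind_request(1, 3, dn, pw))
```

The anonymous requests for v2 and v3 differ only in the version integer, and the `bindpw` value appears verbatim in the encoded request, so a simple bind protects the password only if the connection itself is encrypted.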