On Mon, May 10, 2010 at 02:48:48PM +0200, Andreas B. Mundt wrote: [...] > after having thought a bit more about the password issue, I think > we perhaps should add one more question during > installation/configuration of the main server: Enter the LDAP > password. This is then copied into gosa.conf and the hash can be > droped in the ldif used to bootstrap the ldap database (currently we > use the root-password as password for the rootdn (ldap admin) by using > its hash from /etc/shadows as password attribute in the corresponding > ldif). > > Thereby, we would avoid exposing the root-password more then > necessary. > > What do you think? Any better ideas?
next idea: how about creating this (gosa-) password randomly and use the "old" root pw in addition for command line tools? -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/20100510125935.ga6...@flashgordon
