You may want to speak with him about compartmentalizing areas of "like security". You can then create a classification system like so:
Class A Email Webmail Normal Web Apps Class B HR/ERP Finance Then create a Class A and a Class B account for each user. That's very reasonable and gives you some more guidance. He may be more open to this than saying "I heard it was a bad idea to create separate accounts." -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of André Ribas Sent: Thursday, July 02, 2009 8:35 AM To: [email protected] Subject: [ldap] Re: Distinct passwords You understood well Justin and I agree with you but it's the way that my supervisor wants. =( His reason is supposed to be "security". Justin Dearing wrote: > So let me understand this, > > You have a person with their information stored in ldap. Several > services (unix login, a php web site running on apache, email) > authenticate via this ldap directory. This person will need to type a > different password in to putty, their web browser, and their email > client to match himself up with the same ldap account. What is the > point of centralized authentication then? > > Or am I misunderstanding you? > > Regards, > > Justin Dearing > > > > On Thu, Jul 2, 2009 at 8:50 AM, André Ribas<[email protected]> wrote: > >> Hello list, I'm trying to implement distinct passwords for each service that >> will authenticate on LDAP. Anyone have any glue to me? =D >> >> Thanks. >> -- >> André Ribas >> >> >> > >
