It's a good thing he obfuscated his password then... :)
Careful you'll incite a riot about LDAP being insecure! If anyone is worried,
implement
LDAP over SSL.
Patrick Spinler wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dave Keeton wrote:
/etc/ldap.conf:
host <ip address>
port 9270
base c=odot
binddn racfid=BNDUSR,profiletype=USER,c=DOT
bindpw <clear text password>
ldap_version 3
pam_login_attribute racfid
A little off topic, but doesn't /etc/ldap.conf needs to be world
readable (to allow ldap enabled tools to work in user space)?
If so, isn't having a password in this file a nasty security hole?
Thanks,
- -- Pat
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkmLQIUACgkQNObCqA8uBsy8AQCePkp8eNuxaRrk2ey/MOZb4E93
GlIAnRCt2SKFOSoQStrmhRPUCEXW+mSL
=1v3Q
-----END PGP SIGNATURE-----
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
--
Rich Smrcina
VM Assist, Inc.
Phone: 414-491-6001
Ans Service: 360-715-2467
http://www.linkedin.com/in/richsmrcina
Catch the WAVV! http://www.wavv.org
WAVV 2009 - Orlando, FL - May 15-19, 2009
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
