At Sat, 05 Dec 2009 09:23:16 +0530 Chamith Kumarage <[email protected]> wrote:
> > On Fri, 2009-12-04 at 11:55 -0500, Robert Heller wrote: > > I have Openldap set up on a CentOS 5 system (using the stock 2.3.43 > > RPMS) and I want to allow users to change their passwords, but I am > > confused by the documentation (it has both too much and not enough > > information -- there don't appear to be simple HowTos for common setups). > > > > I am not sure what to put in /etc/openldap/slapd.conf (I think I need an > > ACL). I expect I need something in /etc/openldap/ldap.conf (or > > prossibly /etc/ldap.conf) to allow the authorization. This is on a LAN > > with diskless clients, behind a firewall, so I *probably* don't need to > > set up SSL and certs (but I am unsure of this as well). > > > > Hi Robert, > > I think the most secure (since you are not using SSL) and preferred way > is to use a small application for this. You can easily give the users a > web interface (written using php-ldap) to change their passwords or > whatever stuff. This does not really help me much. Having some random application (web based or not) is not the issue, I need to know how to *configure* slapd and ldap in general to allow the proper access levels. Oh I have no problem with using SSL and if that is the way to I go that way. I also don't want to run a web server just for one *small* web application. I am also not really much of a php programer either. The admin documentation both has too much information and too little :-(. What I am looking for is a specialized how-to for this specific sort of situation. I understand that LDAP can do a lot of things, everything from being a company-with phone book to handling DNS to handling user authorization, so it makes sense for the admin manual to cover a broad application range. I'm just getting lost in it. > > phpldapadamin would do as well. But it's nicer to have your own > something :) > > Thanks, > ~Chamith > > > -- Robert Heller -- 978-544-6933 Deepwoods Software -- Download the Model Railroad System http://www.deepsoft.com/ -- Binaries for Linux and MS-Windows [email protected] -- http://www.deepsoft.com/ModelRailroadSystem/
