Public bug reported:

In [1], the way the admin user is configured is wrong. You shouldn't
make an admin user in ou=people *and* set an olcRootPW as well. See [2].
If you do specify an olcRootPW, don't make the admin user. If you do
both, you can have an admin user with two passwords (which I had).

Also, the password is supplied in plain text, meaning the server also
stores it as plain text (do:

ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b olcDatabase={1}hdb,cn=config

to see your password in the tree).

Instead, generate a hash with slappasswd.

So, either use olcRootPW or make an admin entry in ou=people. The 12.04
docs seem to do it right (they make the entry without rootpw).


[1] https://help.ubuntu.com/10.04/serverguide/openldap-server.html
[2] http://www.openldap.org/doc/admin24/access-control.html#Controlling%20rootdn%20access

** Affects: ubuntu-docs (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1094842

Title:
  Ubuntu 10.04 ldap creates admin user with two (plain text) passwords

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
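
An added example, not part of the bug report: a shell check for the plaintext olcRootPW problem described above, run over `ldapsearch -LLL` output. The function names and the sample LDIF are constructed for illustration; `olcDatabase={1}hdb,cn=config` is the only DN taken from the report.

```shell
#!/bin/sh
# Added example: flag olcRootPW values that are stored without a hash scheme.
# Reads `ldapsearch -LLL` LDIF on stdin, prints "<dn>: <verdict>" per value,
# and returns 1 if any value is plaintext. Needs awk and base64 (coreutils).
audit_rootpw() {
    # LDIF folds long lines; a line starting with one space continues the last.
    awk '/^ / { buf = buf substr($0, 2); next }
         NR > 1 { print buf }
         { buf = $0 }
         END { if (NR) print buf }' | (
        rc=0
        dn=
        # "::" marks a base64-encoded value, which is encoding, not hashing,
        # so decode it before looking for a {SCHEME} prefix.
        while IFS= read -r line; do
            case $line in
                "dn: "*)         dn=${line#dn: }; continue ;;
                "olcRootPW:: "*) value=$(printf '%s' "${line#olcRootPW:: }" | base64 -d) ;;
                "olcRootPW: "*)  value=${line#olcRootPW: } ;;
                *)               continue ;;
            esac
            # {CLEARTEXT} is a valid scheme prefix but still stores the password itself.
            case $value in
                "{CLEARTEXT}"*) printf '%s: PLAINTEXT\n' "$dn"; rc=1 ;;
                "{"*"}"*)       printf '%s: hashed\n' "$dn" ;;
                *)              printf '%s: PLAINTEXT\n' "$dn"; rc=1 ;;
            esac
        done
        exit "$rc"
    )
}

# Constructed sample; the values are placeholders, not real SSHA digests.
sample_ldif() {
    cat <<'EOF'
dn: olcDatabase={0}config,cn=config
olcRootPW: {SSHA}abcabc

dn: olcDatabase={1}hdb,cn=config
olcRootDN: cn=admin,dc=example,dc=com
olcRootPW:: c2VjcmV0

dn: olcDatabase={2}hdb,cn=config
olcRootPW:: e1NTSEF9YWJj
 YWJj
EOF
}

sample_ldif | audit_rootpw || echo "plaintext olcRootPW present" >&2
```

On a live server, pipe the report's ldapsearch command into `audit_rootpw`; a value flagged PLAINTEXT is one to replace with the output of slappasswd.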