Del wrote: >There are a lot of different ldapsearch'es out there, >so the answer will vary with each one. For the time >being I'll assume you are using OpenLDAP.
Yep, using OpenLDAP. >The obvious, but complex, answer is to use SASL & >Kerberos. Then you just get the tgt once and from >then on you're bound to the server. OK, got this. Had done Kerberos before. >That's a whole minefield of things that need >setting up so I suggest you google about for it a >bit, there is plenty of documentation. I did and found a few that's meaningful and stuck to it. I just search for 'OpenLDAP tutorial'. Got my setup to work, like this: got tgt once as you said and use OpenLDAP commands over-and-over, as I want it. $ kinit beav $ ldapsearch -Y gssapi >The next obvious answer is to use -y passwdfile, >where passwdfile contains the password you want >to use. That file should be somewhere where >nobody else can find it, and where only you can >read it, and even then I wouldn't trust it. I wouldn't trust this, too. I got to hide my binddn and bindpw. Thanks very much. Beav -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
