Posted by: Administrator
on October 27, 2005 10:20 PM
Is it possible to use OpenLDAP SSL-only? If the SSL port is not available, does the authentication system fall back to non-secure communications? Is it possible to use a mixture of both passwd files and LDAP? Wouldn't want to make a machine unaccessible if the LDAP daemon crashes or something. Finally, a lot of packages now support LDAP authentication, is this setup a "standard" configuration so it can be used across multiple packages?
One serious issue I see: the password for LDAP stored in<nobr> <wbr></nobr>/etc/pam_ldap.conf is unencrypted. Bad. Is there a way to avoid doing that? Can I create a bind-only user that has no other power than to authenticate against LDAP?
Thanks for a great couple of articles, I was just beginning to look into doing this. You've saved me a bit of research.<nobr> <wbr></nobr>:) If you wanna write an article on using LDAP as an address book, I wouldn't complain.
Learn about Linux
Download Linux
Get Linux help
Questions, questions, questions...
Posted by: Administrator on October 27, 2005 10:20 PMOne serious issue I see: the password for LDAP stored in<nobr> <wbr></nobr>/etc/pam_ldap.conf is unencrypted. Bad. Is there a way to avoid doing that? Can I create a bind-only user that has no other power than to authenticate against LDAP?
Thanks for a great couple of articles, I was just beginning to look into doing this. You've saved me a bit of research.<nobr> <wbr></nobr>:) If you wanna write an article on using LDAP as an address book, I wouldn't complain.
#