[Date Prev][Date Next] [Chronological] [Thread] [Top]

Ldap as authentication system (based on RFC2307)

To: <openldap-software@OpenLDAP.org>
Subject: Ldap as authentication system (based on RFC2307)
From: "Alexandre Ghisoli" <alexandre.ghisoli@ycom.ch>
Date: Sun, 14 Jan 2001 18:50:30 +0100
Importance: Normal

Hi there,

I've read a lot of documentation, and take time to look at openldap mail
archive.
Now, I need to set up an real LDAP server for global auth system (login,
squid, apache, mail, ...).

Proposal structure :
./Slackware 7.1
./OpenLDAP 2.0.7
./nss_ldap
./OpenSSL
./SASL

I realy don't need Kerberos or PAM.

So, I've setup nss_ldap, openldap and it's work. But, I need to keep
userPassword secret, so I've used "acces to attr=userPassword" directive in
sladp.conf, and it's work very well.
Now, how to setup a good crypto between client and openLDAP server ?
And some needs :
./ I've 200+ account setup in /etc/shadow, I need to keep passwd
./ Slack uses an derived MD5 algo to create shadow passwd

Please, could you give me experiences ?
What's the real utility of SASL ?

Thanks

	--Alexandre

_____________________________________________
Alexandre Ghisoli - Responsable opérationnel
Ycom SA
Rue Galilée 15 / 1400 YVERDON-LES-BAINS
Tel: +41 (24) 423 92 77  /  Fax: +41 (24) 423 92 57

Follow-Ups:
- Re: Ldap as authentication system (based on RFC2307)
  - From: "Booker C. Bense" <bbense@networking.stanford.edu>

Prev by Date: Re: security measures
Next by Date: AW: error parameters in session handle
Index(es):
- Chronological
- Thread