[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: i have no name!

To: James Bourne <jbourne@mtroyal.ab.ca>, John Dalbec <jpdalbec@ysu.edu>
Subject: Re: i have no name!
From: Brian Jones <jonesy@CS.Princeton.EDU>
Date: Fri, 14 Feb 2003 14:09:46 -0500
Cc: "openldap-software@OpenLDAP.org" <openldap-software@OpenLDAP.org>
In-reply-to: <Pine.LNX.4.51.0302130716550.24287@skuld.mtroyal.ab.ca>
User-agent: Microsoft-Entourage/10.1.0.2006

On 2/13/03 9:31 AM, "James Bourne" <jbourne@mtroyal.ab.ca> wrote:

> We have found that using the root user (admin or
> whatever) and /etc/ldap.secret are not really required.

I would absolutely love to have an understanding of how I could do away with
the ldap.secret file.

By 'root user' above, I'm thinking you're referring to using user 'root' in
the binddn directive?  Do you make a dummy user for this purpose that exists
only to bind to the directory?  Do you have an acl that addresses the perms
needed by this user to do the mappings, and at the same time hide these same
attr's from prying eyes?

Again, any pointers to any docs on how to get rid of 'ldap.secret' would be
very extremely helpful.  I feel very uncomfortable about having this file
around. 

Thanks for the input.
Brian.

Follow-Ups:
- Re: i have no name!
  - From: James Bourne <jbourne@mtroyal.ab.ca>
- Re: i have no name!
  - From: German Poo Caaman~o <gpoo@ubiobio.cl>

References:
- Re: i have no name!
  - From: James Bourne <jbourne@mtroyal.ab.ca>

Prev by Date: RE: openldap and SSL with AD
Next by Date: ldap_init_getfilter/etc removed in 2.1.x?
Index(es):
- Chronological
- Thread