[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: rootpw in slapd.conf read from file (ITS#1113)



> This like likely can be resolved by using the include directive.
> 
Well, the include directive wolud require "rootpw <cred>" in the included
file, while many codes (sendmail, samba-tng and so) simply ask
for the <cred> part (and optionally strip a trailing newline).
For both security, atomicity of credentials and ease of configuration,
I've been adding the same change to a number of ldap-enabled
applications we're deploying, including apache's auth_ldap and more.
I agree some kerberos or so would obsolete this change, but kerberos
is too much for many customers (and a headache for me ...:)

Pierangelo.