[Date Prev][Date Next]
Ldap as authentication system (based on RFC2307)
I've read a lot of documentation, and take time to look at openldap mail
Now, I need to set up an real LDAP server for global auth system (login,
squid, apache, mail, ...).
Proposal structure :
I realy don't need Kerberos or PAM.
So, I've setup nss_ldap, openldap and it's work. But, I need to keep
userPassword secret, so I've used "acces to attr=userPassword" directive in
sladp.conf, and it's work very well.
Now, how to setup a good crypto between client and openLDAP server ?
And some needs :
./ I've 200+ account setup in /etc/shadow, I need to keep passwd
./ Slack uses an derived MD5 algo to create shadow passwd
Please, could you give me experiences ?
What's the real utility of SASL ?
Alexandre Ghisoli - Responsable opérationnel
Rue Galilée 15 / 1400 YVERDON-LES-BAINS
Tel: +41 (24) 423 92 77 / Fax: +41 (24) 423 92 57