[Date Prev][Date Next] [Chronological] [Thread] [Top]

stupid overall scheme of things question..

To: openldap-software@OpenLDAP.org
Subject: stupid overall scheme of things question..
From: Roger Morris <roger.in.eugene@gmail.com>
Date: Fri, 28 Jan 2005 14:34:06 -0800
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding; b=QNyvTRwDcZyvfHarPW8CNatbjW91JQ52keloixNAAOlSKgQa42Dz4TGymIrETb4kuFMsNVljIaxLmqSa/O35KW0K0CLOMGiIHIxZxzhdOagrt+pho2KsXTTXTp2pr8I8Sh+XpNF96wTkWHPncHt8hm4Wr6ie7K+bJZQEi2WMXg8=

Organization has an LDAP server, lets call it ldap1
I have a web server,call it web1.  I have it setup such that if
someone logs in to do work on their pages, the authentication is done
via ldap on ldap1.

Does web1 need to run slapd at all?  I just have /etc/ldap.conf setup.

the LDAP admin is restricting anonymous bind, so I have to use binddn
and bindpw in /etc/ldap.conf.  Authentication fails if I try to go
with passwd in just /etc/ldap.secret, I have to have bindpw set in
/etc/ldap.conf   I would prefer the users not have access to the
bindpw.   If I were to use slapd, would I then point the ldap info in
/etc/ldap.conf to the localhost?   I could then use access lists in
slapd.conf to limit what users could see.

Thanks
Roger

Follow-Ups:
- Re: stupid overall scheme of things question..
  - From: "Dieter Kluenter" <dieter@dkluenter.de>

Prev by Date: Re: ACL that makes me crazy
Next by Date: Re: ACL that makes me crazy
Index(es):
- Chronological
- Thread