[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: stupid overall scheme of things question..

Roger Morris <roger.in.eugene@gmail.com> writes:

> Organization has an LDAP server, lets call it ldap1
> I have a web server,call it web1.  I have it setup such that if
> someone logs in to do work on their pages, the authentication is done
> via ldap on ldap1.
> Does web1 need to run slapd at all?  I just have /etc/ldap.conf setup.

There is no slapd required on web1

> the LDAP admin is restricting anonymous bind, so I have to use binddn
> and bindpw in /etc/ldap.conf.  Authentication fails if I try to go
> with passwd in just /etc/ldap.secret, I have to have bindpw set in
> /etc/ldap.conf   I would prefer the users not have access to the
> bindpw.   If I were to use slapd, would I then point the ldap info in
> /etc/ldap.conf to the localhost?   I could then use access lists in
> slapd.conf to limit what users could see.

binddn and bindpw are not valid parameters in OPenLDAP's ldap.conf,
configure mod_auth_ldap on web1.


Dieter Klünter | Systemberatung
GPG Key ID:01443B53