[Date Prev][Date Next]
Using command like tools securely?
I'm trying to write some scripts to do various things with ldapadd
and the like. What I'd like is to have the script be able to
interface with the directory without having to specify the binddn and
password in the script as that could be insecure if someone were to
look at the script. I don't understand much about the slapd.access
(5) and I'm not sure if limiting access will allow me to do what I want.
How do some of you out there do it? I don't know much about the
capabilities of SASL, but can SASL be used to authenticate the rootDN
(or some DN that can write) for purposes of writing to the directory?