[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Center for Internet Security benchmark for OpenLDAP

To: hyc@symas.com (Howard Chu), bgmilne@staff.telkomsa.net (Buchan Milne)
Subject: Re: Center for Internet Security benchmark for OpenLDAP
From: manu@netbsd.org (Emmanuel Dreyfus)
Date: Fri, 28 Sep 2007 11:33:16 +0200
Cc: openldap-software@openldap.org
In-reply-to: <46FCA402.6040001@symas.com>
User-agent: MacSOUP/2.7 (unregistered for 251 days)

Howard Chu <hyc@symas.com> wrote:

>  > Unfortunately administrators cannot follow this recommendation, since
>  > slurpd and syncrepl replication requires access to a plaintext password
>  > (for password-based authentication mechanisms). You probably need to
>  > place stronger emphasis on certificate or ticket-based authentication
>  > if you want to avoid this issue.

Well, syncrepl + certificates is not very well documented. I plan to add
FAQ entries for that.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@netbsd.org

References:
- Re: Center for Internet Security benchmark for OpenLDAP
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: Center for Internet Security benchmark for OpenLDAP
Next by Date: Re: Center for Internet Security benchmark for OpenLDAP
Index(es):
- Chronological
- Thread