| 1 |
Dnia czwartek, 12 pa¼dziernika 2006 17:50, Leandro Melo de Sales napisa³: |
| 2 |
|
| 3 |
> I'm configured a LDAP server to be used as a users database. Now, I |
| 4 |
> want to setup linux box clients to auth against LDAP server. I |
| 5 |
> installed ldap-pam and ldap-nss. In /etc/ldap.conf file I have to |
| 6 |
> inform rootdn password. What is the best way to do this since the |
| 7 |
> configuration file has to be readable to all. I think that use |
| 8 |
> privileged login in this situation (even if I use /etc/ldap.secret |
| 9 |
> file) is dangerous. So, should I created a LDAP user just to be used |
| 10 |
> as a rootdn login? how can I create a nonprivileged login? |
| 11 |
|
| 12 |
1. You create user in LDAP tree _outside_ ou=people tree |
| 13 |
2. Set password for it and disable shell login (just in case) |
| 14 |
3. Tell ldap-nss to use this user as binddn= with pass bindpw= |
| 15 |
4. Allow owner of the record (logged-on user) to change his/her password |
| 16 |
|
| 17 |
-- |
| 18 |
Pawel Kraszewski |
| 19 |
www.kraszewscy.net |
| 20 |
|
| 21 |
-- |
| 22 |
gentoo-user@g.o mailing list |
Archives