On Thursday, 12 October 2006 17:50, Leandro Melo de Sales wrote:

> I've configured an LDAP server to be used as a users database. Now, I
> want to set up Linux box clients to auth against the LDAP server. I
> installed ldap-pam and ldap-nss. In the /etc/ldap.conf file I have to
> inform the rootdn password. What is the best way to do this since the
> configuration file has to be readable to all? I think that using a
> privileged login in this situation (even if I use the /etc/ldap.secret
> file) is dangerous. So, should I create an LDAP user just to be used
> as a rootdn login? How can I create a nonprivileged login?

1. You create a user in the LDAP tree _outside_ the ou=people tree
2. Set a password for it and disable shell login (just in case)
3. Tell ldap-nss to use this user as binddn= with pass bindpw=
4. Allow the owner of the record (logged-on user) to change his/her password

--
Pawel Kraszewski
www.kraszewscy.net

--
gentoo-user@g.o mailing list
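
The four steps above written out as configuration. This is an added example, not part of the original post: the suffix dc=example,dc=com, the ou=services container, the cn=nss-proxy entry name, the host name and both password values are placeholders chosen for illustration, and the ACL is in slapd.conf syntax on the assumption that the server is OpenLDAP.

```conf
# --- proxy.ldif (load on the server with ldapadd) -------------------
# Steps 1 and 2: a bind-only entry outside ou=people. It carries no
# posixAccount class, so NSS never lists it and it cannot log in.
dn: ou=services,dc=example,dc=com
objectClass: organizationalUnit
ou: services

dn: cn=nss-proxy,ou=services,dc=example,dc=com
objectClass: organizationalRole
objectClass: simpleSecurityObject
cn: nss-proxy
description: read-only bind account for nss_ldap and pam_ldap
# Placeholder: paste the hash printed by slappasswd here
userPassword: {SSHA}REPLACE_WITH_SLAPPASSWD_OUTPUT

# --- /etc/ldap.conf on each client (world-readable) -----------------
# Step 3: bind as the unprivileged proxy. rootbinddn stays unset, so
# the rootdn password never has to be stored on a client.
uri ldap://ldap.example.com/
base dc=example,dc=com
binddn cn=nss-proxy,ou=services,dc=example,dc=com
# Placeholder value; every local user can read this file, which is
# acceptable only because the ACL below gives this DN read access
# to account data and no access to userPassword.
bindpw REPLACE_WITH_PROXY_PASSWORD

# --- slapd.conf on the server (ACL section) -------------------------
# Step 4: the owner of a record may change their own password; nobody
# else, the proxy included, can read or write userPassword.
access to attrs=userPassword
    by self write
    by anonymous auth
    by * none

# Everything else: the proxy and the entry's owner may read,
# anonymous clients may only authenticate.
access to *
    by dn.exact="cn=nss-proxy,ou=services,dc=example,dc=com" read
    by self read
    by anonymous auth
    by * none
```

Rule order matters in slapd: the userPassword rule has to come before the catch-all rule, otherwise the proxy's read access would cover the password hashes as well.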