Re: Protecting the bindpw in /etc/ldap.conf



Removing the world readable bit from /etc/ldap.conf results in the famous "I
have no name" error message when logging in with an LDAP account. So it
looks like world needs to be able to read this file. Anyone else got tips on
how to protect the bind password located in that file?

- Kenneth

On Thu, Mar 4, 2010 at 4:05 PM, Marti, Robert <RJM002@xxxxxxxx> wrote:

Even if LDAP is the requirement - /etc/ldap.conf doesn't have to be world
readable, does it?

Rob Marti

-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Stainforth, Matthew (SD/DS)
Sent: Thursday, March 04, 2010 7:58 AM
To: redhat-list@xxxxxxxxxx
Subject: RE: Protecting the bindpw in /etc/ldap.conf

We're about to set up our RHEL servers to authenticate against Active
Directory (AD) 2008. I'd like to protect the binding user password (i.e.
bindpw) so that regular users can't get hold of it. Are others doing this
too, or does one not consider this as a security issue? If protecting it,
how do you set this up?

Kerberos is what I use instead of LDAP and it doesn't require a password,
at least in my environment.

Matt

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
