[KLUG Members] LDAP and passwords
Peter Buxton
members@kalamazoolinux.org
Sat, 30 Aug 2003 02:18:24 -0400
Hey, Adam, I have a question. I'm setting up a test LDAP here at home,
and I have a number of questions:
1. Aside from defining the 'TLSCert...' entries to point to my
self-signed x509 cert, and defining 'URI ldap:/// ldaps:///', how do
I turn on ldaps?
2. Your presentation PDF mentions using sasldb. Is that somehow
necessary to using LDAP/SASL/Kerberos?
3. I have a number of future password needs. I'd like to support Unix
hash, SMTP AUTH (probably using HMDA (DIGEST MD5)) and Samba NT
passwords. How do I store these passwords? Is it safe to store the
plaintext in userPassword, or do I need to store each hash (Unix/NT)
separately? I see RFC 2307 says that LDAPv3 may do things
differently. Also, I note your presentation doesn't use the
'{crypt}X5/bLHDu7sJM73h21' format under the user examples.
Thanks in advance!
--
-20
Rah! My re-tox weekend has been declared
a success! -- James Coates, 29 Oct 2001.