FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 02-10-2010, 01:11 PM
Dan Burkland
 
Default Anyone using Active Driectory auth with Centos 5.4.....?

*> -----Original Message-----
> From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On
> Behalf Of JohnS
> Sent: Wednesday, February 10, 2010 1:31 AM
> To: CentOS mailing list
> Subject: Re: [CentOS] Anyone using Active Driectory auth with Centos
> 5.4.....?
>
>
> On Tue, 2010-02-09 at 14:21 -0700, Craig White wrote:
> > On Tue, 2010-02-09 at 18:08 +0000, Joseph L. Casale wrote:
> > > >This looks like the way to go, I don't like the username /pass stored
> in plain text but maybe if I create a special group that doesn't really
> have any privileges this would work, geez AD is just plain bad...lol,
> Thanks.
> > >
> > > I guess you think insecure would be better? If I understand your need,
> you want
> > > to make AD insecure, so please enable anonymous binds so you don't
> need a user/pass
> > > to make the query
> > >
> > > Or program your own auth backend that binds with the intended creds
> asking for auth
> > > Oh, and do this w/o tls/ssl because you want it insecure
> > ----
> > seems to me that permitting an anonymous bind to LDAP is inherently more
> > secure than requiring a user/password combination so I don't think that
> > your explanation is exactly true. In Microsoft's view, the only systems
> > querying LDAP would be systems automatically passing the authentication.
> >
> > Craig
> ----
>
> Yes it is true, you have to have that for it to work correctly.
>
> John
>
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos

I apologize if this has been mentioned before but one option would be to use Apache's Kerberos module for authentication. See the modules sourceforge page here --> http://modauthkerb.sourceforge.net/configure.html

Regards,

Dan
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 07:25 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org