LDAP admin password configuring libnss-ldap and libpam-ldap
On Mon, Apr 21, 2008 at 09:30:41PM +0200, Juan Asensio Sánchez wrote:
> I have setup a server with LDAP and Samba. Now i want to LDAP hosts
> authenticate with the LDAP server too, so i have installed in each
> host libnss-ldap, libpam-ldap and nscd. Everything works fine, but I
> don't know why these packages need the ldap admin password. Although
> the ldap.secret file is not world readable, i don't want the users
> could see it with sudo. And what would happen if i change the ldap
> admin password? Do I have to change it in every host?
it is only used to simulate root access to accounts
can I also suggest looking at libnss-ldapd instead off libnss-ldap,
I have experienced some group resolution errors with the later,
especially with the recent move to gnutls away from openssl
> NB: I have configured libnss-ldap without the needing of the
> passwords, but I couldn't configure libpam-ldap to not use it.
> Thanks in advance.
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact email@example.com
"I think --tide turning --see, as I remember --I was raised in the desert, but tides kind of --it's easy to see a tide turn --did I say those words?"
- George W. Bush
in response to the question "Is the tide turning in Iraq?"