2013/7/19 Peter Klingler <[email protected]>: > What are some steps to secure Self-Service-Password? > > Apache SSL > Directory Rights > Active Directory Manager Permissions (what are the minimum permissions > needed)? > > Any other suggestions?
Setting HTTPS seems the most interesting thing to do. You can prevent brute force by setting external tools like fail2ban. The AD account must have rights to change password of every users, so you can't really reduce its rights. Clément. _______________________________________________ ltb-users mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-users
