See <http://www.openldap.org/faq/index.cgi?file=944>http<http://www.openldap.org/faq/index.cgi?file=944>://www.openldap.org/faq/index.cgi?file=944
At 11:04 AM 9/30/2005, Michael Torrie wrote: >Is there any way to restore the kpasswd binding function to openldap? I >realize that ideally sasl or kerberos binds directly are the way to go, >but unfortunately I can't do that for the majority of web applications >(most of which are 3rd party) that need to do ldap binds for >authentication. Without kpasswd support I am forced to put the >userPassword hashes directly in the ldap database itself, which is a >security problem. At least with the old [EMAIL PROTECTED] >notation, even though the bind itself might have security implications I >wouldn't need to put the password itself in the database. > >Is there a way to accomplish simple binding from these dumb 3rd party >apps with kerberos support? >-- >Michael Torrie <[EMAIL PROTECTED]>
