Re: [plug] Setting up LDAP Authentication

Federico Sevilla III Wed, 05 Sep 2001 08:38:24 -0700

On Wed, 5 Sep 2001 at 23:56, Horatio B. Bogbindero wrote:
> ummm. you can restrict the fields that are viewable in ldap. the
> configuration file is in /etc/openldap/slapd.conf

I know. And like the /etc/shadow, root should be able to read the
encrypted password, and change it too, right?

Debian's package automatically puts decent restrictions like this. Only
root can read/write to userPassword, and people can only access
userPassword by authenticating, as in:

access to attribute=userPassword
        by dn="cn=root,ou=People,dc=leathercollection,dc=ph" write
        by anonymous auth
        by self write
        by * none

 --> Jijo

--
Federico Sevilla III  :: [EMAIL PROTECTED]
Network Administrator :: The Leather Collection, Inc.
GnuPG Key: <http://jijo.leathercollection.ph/jijo.gpg>

_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]

To subscribe to the Linux Newbies' List: send "subscribe" in the body to 
[EMAIL PROTECTED]

Re: [plug] Setting up LDAP Authentication

Reply via email to