Yes, but then that lookup user would still have the password clearly written
in the config file. And with that, someone can then simply lookup admin's
password, decrypt it, and
away they go....
I think I'm in a catch-22 situation:(
Thanks for the help!
Steve
You could of course setup an account for a lookup user, which has rights
to read only the username/passwd/check/reply attribs.
- Joost.
Hugh Irvine wrote:
>
> Hello Stephen -
>
> On Wed, 15 Mar 2000, Felicetti, Stephen A. wrote:
> > Hey guys....
> >
> > I'm authenticating against LDAP, and all is working fine.
> > Here's the problem....in order for me to gain access to the password
> > attribute, I must
> > bind as the admin user. Is there anyway to use a NON plain text password
in
> > the config file?
> >
> > I can create a non admin user account that can have access to the
password
> > attribute, but I would
> > still want that password encrypted.
> >
>
> The passwords in the Radiator configuration file are always in cleartext.
You
> should probably lock down the access priviledges to the file to readonly
for
> the owner.
>
> regards
>
> Hugh
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
