Re: LDAP admin password configuring libnss-ldap and libpam-ldap
It is needed for actions where local user is root, so local root could, if necessary change users passwords in LDAP. If that is not desirable, you do not have to use it. You can put same name/password that you have put for ordinary lookups. On Mon, Apr 21, 2008 at 9:30 PM, Juan Asensio Sánchez <[EMAIL PROTECTED]> wrote: > Hi > > I have setup a server with LDAP and Samba. Now i want to LDAP hosts > authenticate with the LDAP server too, so i have installed in each > host libnss-ldap, libpam-ldap and nscd. Everything works fine, but I > don't know why these packages need the ldap admin password. Although > the ldap.secret file is not world readable, i don't want the users > could see it with sudo. And what would happen if i change the ldap > admin password? Do I have to change it in every host? > > NB: I have configured libnss-ldap without the needing of the > passwords, but I couldn't configure libpam-ldap to not use it. > > Thanks in advance. > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > >
Re: LDAP admin password configuring libnss-ldap and libpam-ldap
On Mon, Apr 21, 2008 at 09:30:41PM +0200, Juan Asensio Sánchez wrote: > Hi > > I have setup a server with LDAP and Samba. Now i want to LDAP hosts > authenticate with the LDAP server too, so i have installed in each > host libnss-ldap, libpam-ldap and nscd. Everything works fine, but I > don't know why these packages need the ldap admin password. Although > the ldap.secret file is not world readable, i don't want the users > could see it with sudo. And what would happen if i change the ldap > admin password? Do I have to change it in every host? it is only used to simulate root access to accounts can I also suggest looking at libnss-ldapd instead off libnss-ldap, I have experienced some group resolution errors with the later, especially with the recent move to gnutls away from openssl > > NB: I have configured libnss-ldap without the needing of the > passwords, but I couldn't configure libpam-ldap to not use it. > > Thanks in advance. > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > -- "I think --tide turning --see, as I remember --I was raised in the desert, but tides kind of --it's easy to see a tide turn --did I say those words?" - George W. Bush 06/14/2006 Washington, DC in response to the question "Is the tide turning in Iraq?" signature.asc Description: Digital signature
LDAP admin password configuring libnss-ldap and libpam-ldap
Hi I have setup a server with LDAP and Samba. Now i want to LDAP hosts authenticate with the LDAP server too, so i have installed in each host libnss-ldap, libpam-ldap and nscd. Everything works fine, but I don't know why these packages need the ldap admin password. Although the ldap.secret file is not world readable, i don't want the users could see it with sudo. And what would happen if i change the ldap admin password? Do I have to change it in every host? NB: I have configured libnss-ldap without the needing of the passwords, but I couldn't configure libpam-ldap to not use it. Thanks in advance. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ldap admin password
On Thursday 19 May 2005 07:36, Lars Jensen wrote: > Hi, > > Where is the ldap admin password. I'm trying to set up ldap and are > getting some authentication errors when running the migrationtools. I > noticed that there's no rootpw statement in slapd.conf. > > Don't I need a rootpw statement to run the ldaptools? > > Thanks. > > Lars. > > -- > Lars Jensen, Truckee Meadows Community College, Reno NV 89512-3999. > Tel: 775.673.7113 E-mail: [EMAIL PROTECTED] Of course you need one , so just insert a line like this one rootdn "cn=admin,dc=example,dc=com" rootpw secret of cource for better security you can hide the "secret" using its has value instead of the plaintext. cheers Mohammad -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ldap admin password
On Wed, 2005-05-18 at 22:36 -0700, Lars Jensen wrote: > Don't I need a rootpw statement to run the ldaptools? > Yes. You need the 'rootpw' statement in your slapd.conf. Srinidhi. -- B S Srinidhi <[EMAIL PROTECTED]> DeepRoot Linux Pvt. Ltd. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ldap admin password
On Wed, 2005-05-18 at 22:36 -0700, Lars Jensen wrote: > Don't I need a rootpw statement to run the ldaptools? > Yes. You need the 'rootpw' statement in your slapd.conf. Srinidhi. -- B S Srinidhi <[EMAIL PROTECTED]> DeepRoot Linux Pvt. Ltd. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
ldap admin password
Hi, Where is the ldap admin password. I'm trying to set up ldap and are getting some authentication errors when running the migrationtools. I noticed that there's no rootpw statement in slapd.conf. Don't I need a rootpw statement to run the ldaptools? Thanks. Lars. -- Lars Jensen, Truckee Meadows Community College, Reno NV 89512-3999. Tel: 775.673.7113 E-mail: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
