[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: using -W/-w <binddnpasswd>

To: openldap-software@OpenLDAP.org
Subject: Re: using -W/-w <binddnpasswd>
From: kunkee@neosoft.com (Randy Kunkee)
Date: Fri, 5 May 2000 14:30:37 -0500 (CDT)
Cc: Cibu C Johny <Cibu_Johny@mw.3com.com>
In-reply-to: <200005051924.OAA11288@bluto.ops.neosoft.com> from Randy Kunkee at "May 5, 2000 02:23:57 pm"

> > I know this question is too naive...
> > But I couldnt get any answer to this.
> > 
> > What is the purpose of -W or -w <binddnpasswd> ?
> > Rather, how can I configure such way that the ldapsearch requires
> > password and what attribute carry the password for an individual
> > entry?
> > 
> > regards,
> > Cibu
> > 
> 
> In the beginning there was -w <binddnpasswd>, and it was good.  But
> then many a wise person knows that on many systems, this exposes the
> password through the ps command, and users feared for their security.
> So then it was said, "Let there be a -W option, and when there
> is -W, we shall prompt for the password, thus not exposing it in the
> ps command."  And so it was, that users need fear no more.  And this
> freed the security gods to move on to other security methods, such
> as SASL, and it was very good.
> 

Sorry couldn't help myself.  Forgot to answer your other question though.
The user's password is held in the userpassword attribute.

References:
- Re: using -W/-w <binddnpasswd>
  - From: kunkee@neosoft.com (Randy Kunkee)

Prev by Date: Re: using -W/-w <binddnpasswd>
Next by Date: Re: Viability of OpenLDAP
Index(es):
- Chronological
- Thread