[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: using -W/-w <binddnpasswd>



> > I know this question is too naive...
> > But I couldnt get any answer to this.
> > 
> > What is the purpose of -W or -w <binddnpasswd> ?
> > Rather, how can I configure such way that the ldapsearch requires
> > password and what attribute carry the password for an individual
> > entry?
> > 
> > regards,
> > Cibu
> > 
> 
> In the beginning there was -w <binddnpasswd>, and it was good.  But
> then many a wise person knows that on many systems, this exposes the
> password through the ps command, and users feared for their security.
> So then it was said, "Let there be a -W option, and when there
> is -W, we shall prompt for the password, thus not exposing it in the
> ps command."  And so it was, that users need fear no more.  And this
> freed the security gods to move on to other security methods, such
> as SASL, and it was very good.
> 

Sorry couldn't help myself.  Forgot to answer your other question though.
The user's password is held in the userpassword attribute.