
LDAP as authentication system (based on RFC2307)



Hi there,

I've read a lot of documentation, and taken the time to look at the OpenLDAP
mail archive.
Now, I need to set up a real LDAP server for a global auth system (login,
squid, apache, mail, ...).

Proposed structure:
./Slackware 7.1
./OpenLDAP 2.0.7
./nss_ldap
./OpenSSL
./SASL

I really don't need Kerberos or PAM.

So, I've set up nss_ldap and OpenLDAP, and it works. But I need to keep
userPassword secret, so I've used the "access to attr=userPassword" directive
in slapd.conf, and it works very well.
Now, how do I set up good crypto between the client and the OpenLDAP server?
And some needs :
./ I have 200+ accounts set up in /etc/shadow, I need to keep the passwd
./ Slack uses a derived MD5 algo to create the shadow passwd

Please, could you share your experiences?
What's the real utility of SASL?

Thanks

	--Alexandre

_____________________________________________
Alexandre Ghisoli - Operations Manager
Ycom SA
Rue Galilée 15 / 1400 YVERDON-LES-BAINS
Tel: +41 (24) 423 92 77  /  Fax: +41 (24) 423 92 57
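
Added example, not part of the original post: one way to carry existing /etc/shadow MD5-crypt hashes into RFC 2307 entries without resetting passwords, by copying each hash verbatim behind the {CRYPT} scheme prefix. The base DN and the sample accounts are constructed placeholders, and it assumes the crypt(3) on the slapd host understands the same $1$ format; locked or empty shadow entries are skipped rather than imported.

```python
import base64

# Constructed sample input: not real accounts, hashes are placeholders.
PASSWD = """\
alice:x:1001:100:Alice Example:/home/alice:/bin/bash
bob:x:1002:100:Bob Example:/home/bob:/bin/bash
ftp:x:14:50::/home/ftp:
"""
SHADOW = """\
alice:$1$abcdefgh$AAAAAAAAAAAAAAAAAAAAAA:11300:0:99999:7:::
bob:!$1$ijklmnop$BBBBBBBBBBBBBBBBBBBBBB:11300:0:99999:7:::
ftp:*:9797:0:::::
"""

def ldif_line(attr, value):
    """One LDIF attribute line; values LDIF cannot carry as text are base64."""
    plain = (value.isascii() and value.isprintable()
             and value[:1] not in (" ", ":", "<") and not value.endswith(" "))
    if plain:
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(value.encode('utf-8')).decode('ascii')}"

def shadow_to_ldif(passwd_text, shadow_text, base_dn):
    """Return (ldif, skipped): RFC 2307 entries plus accounts left out."""
    hashes = dict(l.split(":")[:2] for l in shadow_text.splitlines() if ":" in l)
    entries, skipped = [], []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) != 7:
            continue  # malformed passwd line
        name, _, uid, gid, gecos, home, shell = fields
        pw = hashes.get(name, "")
        # Locked ("!" or "*") and empty hashes must not become LDAP passwords.
        if not pw or pw[0] in "!*":
            skipped.append(name)
            continue
        entry = [ldif_line("dn", f"uid={name},{base_dn}"),
                 "objectClass: account", "objectClass: posixAccount",
                 "objectClass: shadowAccount", ldif_line("uid", name),
                 ldif_line("cn", gecos.split(",")[0] or name),
                 f"uidNumber: {uid}", f"gidNumber: {gid}",
                 ldif_line("homeDirectory", home)]
        if shell:
            entry.append(ldif_line("loginShell", shell))
        # The hash is copied verbatim; {CRYPT} tells slapd to verify via crypt(3).
        entry.append(ldif_line("userPassword", "{CRYPT}" + pw))
        entries.append("\n".join(entry))
    return "\n\n".join(entries) + "\n", skipped
```

The generated LDIF contains password hashes, so it needs the same file permissions as /etc/shadow until it has been loaded and deleted.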