
bindDN, Root DN, LDAP security



Hello
 
I saw a string of (LDAP Auth and User changing their Password), a good discussion, but couldn't really see the point. As no matter how secure you are there is always a risk, I am not very concerned about the password in a file; I am concerned about the password on the network. Since we have SSL/TLS, network sniffing should also be minimised.
 
Getting back to my question, I haven't seen a single slapd.conf without a bindDN and bindpasswd and rootDN, and I am not clear at all about the difference between rootDN and bindDN.
Second, once my LDAP server is populated, can I pick a CN or DN or UID from my LDAP database and bind as that user, without keeping the bindDN password in slapd.conf?
I mean:
rootdn          "cn=Manager,dc=navtechinc,dc=com" (disable or comment this in slapd.conf)
and rootdn    uid=replica,ou=system,dc=navtechinc, dc=com (enable this in slapd.conf), and don't put a passwd for this replica in slapd.conf, as replica is in the database and can be authenticated from there. So why put the rootdn password in files, hashed or not hashed?
 

