[Date Prev][Date Next] [Chronological] [Thread] [Top]

replication credentials

To: openldap-software@OpenLDAP.org
Subject: replication credentials
From: glavoy@apple.com (Gary LaVoy)
Date: Wed, 03 Sep 2003 09:37:32 -0700

Is it possible to put an encrypted password in the slapd.conf for the
replication account? It's doesn't seem to like this statement:


replica         host=replicahost.apple.com:389
                binddn="cn=replicator,o=Apple Computer"
                bindmethod=simple
                credentials={SSHA}qn1ASsCqSO4wUbZPRmgUc0e3eZgbACdE

and putting a clear text password in means that I expose an account that
basically has manager access to anyone who can read the slapd.conf file. So in
that case I might as well use the manager account for replication itself.

so what is the recommended way to set up a reasonably secure replication
environment?

thanks,

Gary 
glavoy@apple.com

Follow-Ups:
- Re: replication credentials
  - From: John M Beamon <jbeamon@franklinamerican.com>

Prev by Date: Re: Error - Why?
Next by Date: Re: improved migration script to deal with multihomed hosts?
Index(es):
- Chronological
- Thread