
Re: stupid overall scheme of things question..



Roger Morris <roger.in.eugene@gmail.com> writes:

> Organization has an LDAP server, let's call it ldap1.
> I have a web server, call it web1.  I have it set up such that if
> someone logs in to do work on their pages, the authentication is done
> via LDAP on ldap1.
>
> Does web1 need to run slapd at all?  I just have /etc/ldap.conf set up.

There is no slapd required on web1.

> The LDAP admin is restricting anonymous bind, so I have to use binddn
> and bindpw in /etc/ldap.conf.  Authentication fails if I try to go
> with the password in just /etc/ldap.secret; I have to have bindpw set in
> /etc/ldap.conf.  I would prefer the users not have access to the
> bindpw.  If I were to use slapd, would I then point the LDAP info in
> /etc/ldap.conf to the localhost?  I could then use access lists in
> slapd.conf to limit what users could see.

binddn and bindpw are not valid parameters in OpenLDAP's ldap.conf;
configure mod_auth_ldap on web1.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:01443B53
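
Added example, not part of the original thread and not code from OpenLDAP or Apache: a check for the concern raised in the question, that local users can read the bind password. It flags files that contain a bindpw or AuthLDAPBindPassword line and whose mode allows group or other read; the function names, sample files, DN and password are constructed for illustration.

```python
import os
import re
import stat
import tempfile

# Directives that carry an LDAP bind password: bindpw (the setting quoted in
# the question) and AuthLDAPBindPassword (mod_auth_ldap).
SECRET_RE = re.compile(r"^\s*(bindpw|AuthLDAPBindPassword)\s+\S+", re.IGNORECASE)


def audit_file(path):
    """Return (path, line number, directive, problem) for exposed secrets."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    checks = ((stat.S_IRGRP, "group-readable"), (stat.S_IROTH, "world-readable"))
    problems = ",".join(name for bit, name in checks if mode & bit)
    findings = []
    with open(path, encoding="utf-8", errors="replace") as fh:
        for lineno, line in enumerate(fh, 1):
            match = SECRET_RE.match(line)  # commented-out lines do not match
            if match and problems:
                findings.append((path, lineno, match.group(1), problems))
    return findings


def audit(paths):
    """Audit every existing path; missing files are skipped."""
    results = []
    for path in paths:
        if os.path.isfile(path):
            results.extend(audit_file(path))
    return results


def demo():
    """Run the audit on two constructed files and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        loose = os.path.join(tmp, "ldap.conf")
        tight = os.path.join(tmp, "auth_ldap.conf")
        with open(loose, "w") as fh:  # constructed sample content
            fh.write("# sample\nbinddn cn=web1,dc=example,dc=org\nbindpw CHANGEME\n")
        with open(tight, "w") as fh:  # constructed sample content
            fh.write("AuthLDAPBindPassword CHANGEME\n")
        os.chmod(loose, 0o644)  # readable by every local user
        os.chmod(tight, 0o600)  # owner only
        return [(os.path.basename(p), n, d, why) for p, n, d, why in audit([loose, tight])]


if __name__ == "__main__":
    print(demo())
```

On a real host, pass the paths of the files that hold the bind password to audit() and run it as a user allowed to read them.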