[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Duplicated username in Local users and LDAP

To: Phillip <phuang@plasmon.cn>
Subject: Re: Duplicated username in Local users and LDAP
From: Aaron Richton <richton@nbcs.rutgers.edu>
Date: Thu, 9 Nov 2006 12:23:09 -0500 (EST)
Cc: OpenLDAP-software@openldap.org
In-reply-to: <002a01c703ab$36a6a3d0$207ba8c0@plasmon2ab2a3b>
References: <002a01c703ab$36a6a3d0$207ba8c0@plasmon2ab2a3b>

Well, a good OpenLDAP answer to this response might be to use ldapdelete(1) on the accounts you don't want to have in LDAP, or to use ACLs to restrict access to entries that you do not want visible.

Apart from OpenLDAP software, there are other (quite possibly better) responses to be had if you talk with the provider of your nss_ldap module (or, if open source, an appropriate mailing list), the provider of your operating system (hint: nsswitch.conf), or the ldap-interop mailing list to help you glue together one or more of these options.

On Thu, 9 Nov 2006, Phillip wrote:

Hi all,
I meet some trouble when there are duplicated username in both local users list and LDAP users list, and I think it may cause security problems, for example, in my case, "root" and "admin" account from LDAP could even control the whole system. I do not want this happens.

Would you please give me some advices on how to dare with this duplicated username issue?
Kind regards,
Phillip

Follow-Ups:
- Re: Duplicated username in Local users and LDAP
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- Duplicated username in Local users and LDAP
  - From: "Phillip" <phuang@plasmon.cn>

Prev by Date: Indexs
Next by Date: Re: slow queries with long strings in filters
Index(es):
- Chronological
- Thread