[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
best practice: admin accounts?
I need to create a user (or 2) for replication only, but don't really
know where to put it or which structural class it should be.
I was thinking about:
dn: uid=Replicator,dc=example,dc=com
objectClass: top
objectClass: account
objectClass: shadowAccount
userPassword: <some pw>
uid: Replicator
This works, but is this really the best way to create "admin accounts"?
For me, "admin accounts" are accounts used for various tasks related to
server (not necessarily just slapd) maintenance. (Replication is the
only "task" I can think of at the moment.)
Also, I have the following org unit:
dn: ou=People,dc=example,dc=com
ou: People
objectClass: top
objectClass: organizationalUnit
I was putting the above DN (cn=Replicator,...) in the root (as opposed
to "ou=People,..."). Does that make sense? Or should I create an ou just
for "admin/misc" accounts?
Lastly, is there a way to give a "non-plain text" password for the
syncrel user:
syncrepl rid=123
...
bindmethod=simple
binddn="cn=Replicator,dc=example,dc=com"
credentials={SSHA}<encrypted string>
All of the examples and docs seem to indicate that the credentials
should be the password for the "binddn" in clear text.
TIA!
Craig