[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP replication 'credentials'

To: Mark_W_Apperson@raytheon.com (Mark W Apperson), openldap-software@openldap.org
Subject: Re: OpenLDAP replication 'credentials'
From: manu@netbsd.org (Emmanuel Dreyfus)
Date: Wed, 7 May 2008 16:00:20 +0200
In-reply-to: <OFA2A609E7.84AC895B-ON86257442.0044F4DF-86257442.0044F4F8@mck.us.ray.com>
User-agent: MacSOUP/2.7 (unregistered for 473 days)

Mark W Apperson <Mark_W_Apperson@raytheon.com> wrote:

> We will be using OpenLDAP with TLS, and also plan to use the OpenLDAP
> replication as well.
> 
> I would like to keep plain text passwords out of config files.  We are
> using the '{SSHA}' configuration option for the 'rootdn' configuration
> variable.  Is there something similar that I can use for the replication
> 'credentials'?

What about using certificate authentication? That completely removes the
need for a replication password.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@netbsd.org

Follow-Ups:
- Re: OpenLDAP replication 'credentials'
  - From: Michael Ströder <michael@stroeder.com>

References:
- OpenLDAP replication 'credentials'
  - From: Mark W Apperson <Mark_W_Apperson@raytheon.com>

Prev by Date: Re: OpenLDAP replication 'credentials'
Next by Date: Re: OpenLDAP replication 'credentials'
Index(es):
- Chronological
- Thread