[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Olc deployment vs slapd.conf based deployment
Am Mon, 18 Sep 2017 10:12:23 -0400
schrieb Brian Reichert <reichert@numachi.com>:
> On Sat, Sep 16, 2017 at 04:24:36PM +0200, Daniel Pluta wrote:
> > On 16.09.2017 09:04, Michael Str??der wrote:
> > >Daniel Pluta wrote:
> > >>Call it strange, useless, insane, fine or whatever, but my
> > >>customers (also anybody who's interested in using a distinct
> > >>service) should be able to get a chance for a detailed view into
> > >>the running configuration of each service - before and while
> > >>using it. slapd's cn=config supports this, not perfectly but
> > >>better than any other service I'm aware of. For further details
> > >>see our paper from LDAPcon2011.
>
> I'm jumping in late here. I'm curious about this talk. I see a
> YouTube playlist of LDAPCon 2011 talkshere; which one should I look
> at for these details?
There is no video, but you may read the papers.
https://ldapcon.org/2011/downloads/plutahommelweinert-paper.pdf
[...]
> https://www.youtube.com/playlist?list=PLXuMrj-t1hqGdOJvswPFvNtwZFHD5SODK
>
> > >
> > >I very well remember your interesting talk and that you give read
> > >access to olcRootDN to prove it's not set.
> >
> >
> > It was olcRootPw: to prove that it's not present and thus there is
> > no slapd-BOFH (aka administrative man-in-the-middle).
> >
> > I very well remember the shocked/laughing faces of (parts of) the
> > audience right after I switched to the slide containing this at
> > first surely suicidal seeming ACL.
> >
> > Forget about it. It's sufficient to keep in mind that the future
> > lies in cn=config. ;-)
-Dieter
--
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E