[Freeipa-users] Storing LDAP credentials in clear text.

quest monger quest.monger at gmail.com
Thu Jun 25 01:21:15 UTC 2015


I have an IPA server running on a CentOS server. I have multiple Solaris boxes
that use this IPA server for SSH authentication.
When configuring the Solaris hosts to be IPA clients, one of the things I
had to do was to configure LDAP. This involved editing the /etc/ldap.conf
file. It looks like this now -

binddn uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com
bindpw <password in plain text>
ssl start_tls
tls_cacertfile /var/ldap/cer8.db
tls_checkpeer yes
bind_timelimit 5
timelimit 15
uri ldap://example.com
sudoers_base ou=SUDOers,dc=example,dc=com
TLS_CERT /var/ldap/cer8.db

As you can see, the bind password is being stored in clear text.
Is there a workaround for this? Has someone done this on a Solaris-11
platform?

Thanks.