Re: [GOsa] last(?) missing bit to use gosa in debian-edu out of the box
Holger Levsen wrote:
> Hi,
>
> On Montag, 10. Mai 2010, Andreas B. Mundt wrote:
>>> after having thought a bit more about the password issue, I think
>>> we perhaps should add one more question during
>>> installation/configuration of the main server: Enter the LDAP
>>> password.
>
> I think thats a bad idea, as we already ask for the root password.
>
> We didnt want a(nother) password ldap-admin with lwat, so I dont see why we
> want it with gosa.
>
>>> What do you think? Any better ideas?
>> next idea: how about creating this (gosa-) password randomly and use
>> the "old" root pw in addition for command line tools?
>
> so the gosa password would be for an account with the same right as ldap
> admin, but with another name? (So that password can be random..)
I think a spesific service account similar to smbadmin (gosadmin?) with
random password is the best option.
Why does gosa need this access anyway ? Could gosa not ask the user for
the password to bind to ldap? In the same way that lwat does it today ?
Or are there cronjobs _writing_ to ldap ?
sep
Reply to: