last(?) missing bit to use gosa in debian-edu out of the box
as you probably noticed I currently try to implement gosa in
debian-edu as admin tool to manage users and groups (so far). To use
gosa out of the box after installation, I already prepared the
necessary configurations and the templates added to ldap during
ldap-bootstrap, and things look promising.
I currently have only one problem left: How to put the ldap rootdn
password in the gosa.conf file. After the (cleartext) password has
been dropped there during install, we can use gosa-encrypt-passwords to
encrypt it and make sure no cleartext passwords remain.
Afaik, we drop the root password hash (for example into ldap) during
install to allow password checks, but we have no cleartext password
Is it possible to base the gosa password check on that hash (dropped
somewhere during install) too? Or are there any other ways to avoid
cleartext even during installation?