[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [GOsa] last(?) missing bit to use gosa in debian-edu out of the box

On Mon, May 10, 2010 at 02:48:48PM +0200, Andreas B. Mundt wrote:
> after having thought a bit more about the password issue, I think
> we perhaps should add one more question during
> installation/configuration of the main server: Enter the LDAP
> password. This is then copied into gosa.conf and the hash can be
> droped in the ldif used to bootstrap the ldap database (currently we
> use the root-password as password for the rootdn (ldap admin) by using
> its hash from /etc/shadows as password attribute in the corresponding
> ldif).      
> Thereby, we would avoid exposing the root-password more then
> necessary.
> What do you think? Any better ideas?

next idea: how about creating this (gosa-) password randomly and use
the "old" root pw in addition for command line tools? 

Reply to: