[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [GOsa] last(?) missing bit to use gosa in debian-edu out of the box

Holger Levsen wrote:
> Hi,
> 
> On Montag, 10. Mai 2010, Andreas B. Mundt wrote:
>>> after having thought a bit more about the password issue, I think
>>> we perhaps should add one more question during
>>> installation/configuration of the main server: Enter the LDAP
>>> password. 
> 
> I think thats a bad idea, as we already ask for the root password.
> 
> We didnt want a(nother) password ldap-admin with lwat, so I dont see why we 
> want it with gosa.
> 
>>> What do you think? Any better ideas?
>> next idea: how about creating this (gosa-) password randomly and use
>> the "old" root pw in addition for command line tools?
> 
> so the gosa password would be for an account with the same right as ldap 
> admin, but with another name? (So that password can be random..)

I think a spesific service account similar to smbadmin (gosadmin?) with
random password is the best option.

Why does gosa need this access anyway ? Could gosa not ask the user for
the password to bind to ldap? In the same way that lwat does it today ?
Or are there cronjobs _writing_ to ldap ?

sep
Reply to: