[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Skolelinux + Owncloud 8.0 community




On Fri, Feb 27, 2015 at 12:24:30PM +0100, Petter Reinholdtsen wrote:
> [Giorgio Pioda]
> > Hi,
> >
> > I would like to setup OwnCloud to make it available to teachers
> > (and maybe in a second step to pupils) and I'm triing to connect
> > the user accounting via LDAP. (Using the latest OwnCloud 8.0
> > since the older version in debian repo has the LDAP plugin
> > apparently broken)
> >
> > Do I have to give a LDAP login account user/passwd (first user
> > in GOsa i guess) or would be sufficient to use anonymous LDAP search to
> > make possible an LDAP authentication?
> >
> > Any experience out here?
> 
> I do not have any experience, as I run my Owncloud installation fairly
> standalone, but I would recommend checking out kerberos and PAM (using
> Kerberos) instead of trying to use LDAP authentication.  LDAP
> authentication only work with encrypted connections, and passes the
> password over the net to the LDAP server for verification, while
> Kerberos do not pass the password over the net to the server.


Sorry for pesting you with stupid questions...

How would you rate the security, setting owncloud on https only and
using ldaps to connect to tjener.intern (owncloud server and tjener.intern
would sit in the same room, tjener on a 10.*.*.* network and owncloud
on a public IP; comunication between then shouldn't leave the internal
network switch).

Regards

Giorgio

P.S: I got the login. LDAPS is needed, but also setting manually
the LDAP user tree position (since we have the ou=Teachers and ou=Students
in the paths) 

-- 
Giorgio Pioda - Sysadmin SPSE-Tenero
Cell +41 79 629 20 63
Tel  +41 58 468 62 48
Fax  +41 58 468 61 98


Reply to: