ldap passwords (want not in clear)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Checking with ethereal, I can see that my ldap clients (ldapsearch or gq) are
sending bind requests with the password as clear text. The data in the ldap
database for these passwords is set as using {crypt}.
Nevertheless, if I put in a "wrong" password, it does seem to get rejected but
a correct one does not.
With ethereal I can see that the reply that comes back saying success also has
a field with bind dn = "" and I think this implies something. This is
because I am getting access problems when binding as the ldap administrator
in that I cannot update the passwords despite having apparent access rights
to write to the whole database.
Whats happening here - how should I arrange things so that the passwords do
not get transmitted in the clear and how can I be sure I am binding as
administrator?
- --
Alan Chandler
alan@chandlerfamily.org.uk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+pjaQuFHxcV2FFoIRAkHGAKCoZCsawHbwvhdYiGzb0PmmkvYMPgCffkvB
QlxsKbEhSgzLSulh8h+uWiI=
=05Ln
-----END PGP SIGNATURE-----
Reply to: