can I use encrypted ldap_bind_pw ?
dkirhlarov at oilspace.com
Wed Apr 18 03:20:39 EDT 2007
On Wed, Apr 18, 2007 at 10:23:51AM +0530, JOYDEEP wrote:
> > saslauthd need clear text password for binding procedure.
> > But, you can use anonymous binding (for me it's more secure).
> thanks for the answer. but I can't understand how anonymous can secure
> the system.
I have many untrusted hosts with ldap-based authentication.
With this reason no difference between anonymous bind and bind under
potentialy compromized id. But second case I have to specialy
describe in ACL section slapd.conf.
Also, I can't see difference for user authentication between initial
anonymous and non-anonymous bind.
More information about the Info-cyrus