Bug in S4 commit 58206fb9b8d1a66af5a1c08379ed5f6e3413c2f0
Trever L. Adams
trever.adams at gmail.com
Tue Dec 21 14:25:28 MST 2010
On 12/21/2010 01:46 PM, Andrew Bartlett wrote:
>
> Does your setup rely on anonymous reads on LDAP?
>
> If so, you need to fiddle with the dsHuristics to get that (insecure)
> behaviour back, or have your dovecot/postfix setup do a bind.
>
> Andrew Bartlett
I do anonymous. I do not do anything with passwords via anonymous (I use
ldap + kerberos), I only verify accounts. I know this is probably more
germain elsewhere, but is there a way to do a bind via a kerberos keytab
(I prefer to not send usernames/passwords over SSL or have them in text
files if at all possible, but am not completely against it) for a
service principal instead of user/pass combinations? How would I grant
the appropriate rights to the user which has the service principal?
Sorry, as I have mentioned elsewhere I am using S4 to learn about
Kerberos, LDAP, and AD.
Thank you,
Trever
--
"I don't know how World War III will be fought, but I do know World War
IV will be fought with sticks and stones" -- Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20101221/d135779b/attachment.pgp>
More information about the samba-technical
mailing list