[Samba] Disabling password expiry for a AD service account for accessing LDAPS, and security best practices.
Stephen
stephen at ogdenradar.com
Wed Apr 10 14:51:16 UTC 2019
Dear samba-list, please disregard my previous post.
Since posting I have found a way to avoid the need to create a dedicated
AD service account purely to allow Redmine to authenticate via LDAPS and
AD. This neatly circumvents my original issue and is much more secure to
boot.
For future Redmine users googling, refer to this document here:
https://www.redmine.org/projects/redmine/wiki/RedmineLDAP
The section "Dynamic Bind" in the aforementioned document described how
you can force Redmine to assume thatt supplied login credentials are a
valid AD account, and to verify these credentials via LDAPS.
Thanks
Stephen Ellwood
More information about the samba
mailing list