On Wednesday, 14 December 2011 09:13:11 Jayavant Patil wrote:

> Hi,

>

> I am using openldap-2.4.19-4.x86_64 on fedora 12 machine. On client

> node, in /etc/ldap.conf file, we specify binddn and bindpw. If not

> specified, the request will be anonymous. I have on each client machine

> more than 500 users. I want to send the request to server as an

> authenticated user but users are 500+. Then, how do I specify this in

> binddn and bindpw. I don't want to specify 'root' (admin) in binddn and

> bindpw. I have rootbinddn as root's dn and his password in /etc/ldap.secret

> (mode 600).


Create a (single, or per-host) "proxy user". I note that deploying Kerberos can be an option for the per-host "proxy user" which has additional benefits.


Regards,

Buchan