12 Sep
2012
12 Sep
'12
8:10 a.m.
On Wed, Sep 12, 2012 at 04:59:36PM +0200, teoman.onay@degroof.be wrote:
Does this mean that the password is sent clear to the ldap server then hashed over there ? It looks like a huge security flaw ...
The benefit is that slapd decides on the hash, password policies can be enforced, you can generate both Unix and NT hashes at the same time... But it seems it assumes you use TLS or local socket.
--
Emmanuel Dreyfus
manu@netbsd.org