Yes, that makes sense. Thanks. -steve
-----Original Message----- From: Quanah Gibson-Mount [mailto:quanah@zimbra.com] Sent: Monday, April 22, 2013 12:58 PM To: Steve Eckmann Cc: openldap-technical@openldap.org Subject: RE: hashed credentials for idassert-bind?
--On Monday, April 22, 2013 6:35 PM +0000 Steve Eckmann steve.eckmann@issinc.com wrote:
Thanks, Michael. So the ldap backend acting as a client needs cleartext credentials; I see that now.
Is there some conventional way to provide the cleartext password to slapd-ldap without exposing it in the slapd.conf file?
You could use the cn=config backend, then it would be in slapd.d or whatever you named it. But it is still going to exist on-disk.
--Quanah
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration