Skip to Main Content
Linux Server Security, Second Edition
book

Linux Server Security, Second Edition

by Michael D. Bauer
January 2005
Intermediate to advanced content levelIntermediate to advanced
544 pages
23h 44m
English
O'Reilly Media, Inc.
Content preview from Linux Server Security, Second Edition
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
234
|
Chapter 7: Using LDAP for Authentication
Note the ldaps:// URL in the previous example: since I’ve specified the -x flag for
simple cleartext authentication, I definitely need to connect to the server with TLS
encryption (again, ldaps is ldap secure) rather than in the clear. (See the previous sec-
tion.)
Having said all that, however, I must point out that password management for end
users is one of LDAP’s problem areas. On the one hand, if your users all have access
to the ldappasswd command (e.g., if they run Linux), you can use a combination of
local /etc/ldap.conf files and scripts/frontends for ldappasswd to make it reasonably
simple for users to change their own passwords.
But if users run some other OS (e.g., Windows), you must either manage passwords
centrally (i.e., have all users contact the email administrator every time they need to
change their password) or issue users LDAP client software such as LDAP Browser/
Editor and then teach users how to use it. The former option needn’t be as distaste-
ful as it may sound, so long as your email administrator is trustworthy (this is neces-
sary, regardless) and some common sense is applied in how you go about it.
Access Controls
Technically, we’ve covered or touched on all the tasks needed to build an LDAP
server using OpenLDAP ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Linux: Powerful Server Administration

Linux: Powerful Server Administration

Uday Sawant, Oliver Pelz, Jonathan Hobson, William Leemans
Linux Server Hacks

Linux Server Hacks

Rob Flickenger
Linux Server Hacks, Volume Two

Linux Server Hacks, Volume Two

William von Hagen, Brian K. Jones

Publisher Resources

ISBN: 0596006705Supplemental ContentCatalog PageErrata