-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wednesday 16 Jun 2004 20:48, Paul W. Frields wrote:
I'll be happy to do it. If you don't mind, find out if he
wants to make
your changes first.
">I hope the community does remedy all those points to give this very
useful document a more robust treatment of security, and make FC2 a
little less complex to implement samba/ldap on.
Definitely...I'm by no means an expert...I'm driven by a need to tie my
Windoze and LTSP users together...hence Samba/LDAP....please...pitch
in...feel free to rewrite the doc and please let me know if you do so I
can try it :-)"
Go ahead Paul, thanks.
On Wed, 2004-06-16 at 15:42, Gavin Henry wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> This has come from the K12OSN project and I have it now on:
>
>
http://FedoraNEWS.ORG/ghenry/ldap
>
> It's waiting for me to finish tagging/cleaning it.
>
> Would someone like to Docbook it up for the docs project? I have
> permission to do what ever to it.
>
> I am also on the LDAP team for
tldp.org but not really done much about
> it, but this is a very good one to go into it.
>
> I have these points which I sent to him:
>
> 1. The backend ldap should be bdb not ldbm (discussed very in depth on
> the OpenLDAP lists).
>
> 2. You should really have access controls on the LDAP database, as anyone
> can then read your hashed password over the wire, unless, which I didn't
> notice, you only have the LDAP server listening on localhost?
>
> 3. You should be using TLS.
>
> 4. Could you do a wee conclusion, rounding everything off.
>
>
>
>
> P.S. I just found this one on his site:
>
>
http://www.vcs.u52.k12.me.us/LDAP/The_SAMBA-LDAP_How-to.html
>
> I don't know which is newer, but this one seems more complete.
>
> I'll check.
>
> Gavin.
>
> I think this comes from:
>
>
http://samba.idealx.org/smbldap-howto.en.html
>
>
> - ---------- Forwarded Message ----------
>
> Subject: [K12OSN] Samba/LDAP how-to in OO format
> Date: Wednesday 16 Jun 2004 03:28
> From: "David Trask" <dtrask(a)vcs.u52.k12.me.us>
> To: K12OSN(a)redhat.com
>
>
http://web.vcs.u52.k12.me.us/linux/Samba-LDAP.sxw
>
> here's the Samba LDAP how-to in OO format
>
> David N. Trask
> Technology Teacher/Coordinator
> Vassalboro Community School
> dtrask(a)vcs.u52.k12.me.us
> (207)923-3100
>
>
> _______________________________________________
> K12OSN mailing list
> K12OSN(a)redhat.com
>
https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <
http://www.k12os.org>
>
> - -------------------------------------------------------
>
> - --
> Kind Regards,
>
> Gavin Henry.
> Managing Director.
>
> T +44 (0) 1224 587369
> M +44 (0) 7930 323266
> F +44 (0) 1224 742001
> E ghenry(a)suretecsystems.com
>
> Open Source. Open Solutions.
>
>
http://www.suretecsystems.com/
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.4 (GNU/Linux)
>
> iD8DBQFA0KKxgNqd7Kng8UoRArTHAKDcOAa52LJQGuaEDeRo1GyTHd2VwQCfdxO8
> SCZNaH+RdbzGzGx8cPaLdJs=
> =6Ckx
> -----END PGP SIGNATURE-----
- --
Kind Regards,
Gavin Henry.
http://www.magicfx.co.uk
http://FedoraNEWS.ORG/ghenry
http://shorl.com/dokypyrirypa
http://www.suretecsystems.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFA0WE8gNqd7Kng8UoRAgjjAJ4nbLDaerO42cZN1sjnXY5CSS96AACfXHrt
bRHbT9edUB3o4rfvxpu/mjo=
=rOK7
-----END PGP SIGNATURE-----