[389-users] Disable unhashed#user#password altogether
Arpit Tolani
arpittolani at gmail.com
Fri Jun 15 21:54:40 UTC 2012
Hie
On Wed, May 23, 2012 at 3:49 AM, Lucas Sweany <lsweany at qualys.com> wrote:
> Well I definitely don't need that. It looks like I will end up writing a
> script to delete or overwrite the attribute for now.
>
> Thanks,
>
> -Lucas
If you are concerned about other user reading unhashed#user#password for
other users, Setup below aci on your rootdn.
aci: (targetattr = "unhashed#user#password") (version 3.0;acl "Block
the unhashed password";deny (read,compare,search)(userdn =
"ldap:///anyone");)
Regards
Arpit Tolani
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20120616/c9bfbc1e/attachment.html>
More information about the 389-users
mailing list