[deployment-guide: 26/185] Removed the content that is no longer needed.

Jaromir Hradilek jhradile at fedoraproject.org
Sun May 15 21:12:11 UTC 2011


commit c7630cdcea7bc851aa2ff15dd5d12114928a29e8
Author: Jaromir Hradilek <jhradile at redhat.com>
Date:   Thu Jan 20 18:13:54 2011 +0100

    Removed the content that is no longer needed.

 .../Lightweight_Directory_Access_Protocol_LDAP.xml |   54 --------------------
 1 files changed, 0 insertions(+), 54 deletions(-)
---
diff --git a/en-US/Lightweight_Directory_Access_Protocol_LDAP.xml b/en-US/Lightweight_Directory_Access_Protocol_LDAP.xml
index 1a4191f..0c3dbb9 100644
--- a/en-US/Lightweight_Directory_Access_Protocol_LDAP.xml
+++ b/en-US/Lightweight_Directory_Access_Protocol_LDAP.xml
@@ -909,60 +909,6 @@ include    /etc/openldap/schema/redhat/autofs.schema</screen>
         Extending the schema to match certain specialized requirements is quite involved and beyond the scope of this chapter. Refer to <ulink url="http://www.openldap.org/doc/admin/schema.html" /> for information.
       </para>
     </section>
-    <section id="s2-ldap-files-slapd-conf">
-      <title>Editing <filename>/etc/openldap/slapd.conf</filename></title>
-      <para>
-        To use the <command>slapd</command> LDAP server, modify its configuration file, <filename>/etc/openldap/slapd.conf</filename>, to specify the correct domain and server.
-      </para>
-      <para>
-        The <command>suffix</command> line names the domain for which the LDAP server provides information and should be changed from:
-      </para>
-      <screen>suffix    "dc=your-domain,dc=com"</screen>
-      <para>
-        Edit it accordingly so that it reflects a fully qualified domain name. For example:
-      </para>
-      <screen>suffix    "dc=example,dc=com"</screen>
-      <para>
-        The <command>rootdn</command> entry is the Distinguished Name (DN) for a user who is unrestricted by access controls or administrative limit parameters set for operations on the LDAP directory. The <command>rootdn</command> user can be thought of as the root user for the LDAP directory. In the configuration file, change the <command>rootdn</command> line from its default value as in the following example:
-      </para>
-      <screen>rootdn    "cn=root,dc=example,dc=com"</screen>
-      <para>
-        When populating an LDAP directory over a network, change the <command>rootpw</command> line — replacing the default value with an encrypted password string. To create an encrypted password string, type the following command:
-      </para>
-      <screen>slappasswd</screen>
-      <para>
-        When prompted, type and then re-type a password. The program prints the resulting encrypted password to the shell prompt.
-      </para>
-      <para>
-        Next, copy the newly created encrypted password into the <filename>/etc/openldap/slapd.conf</filename> on one of the <command>rootpw</command> lines and remove the hash sign (<command>#</command>).
-      </para>
-      <para>
-        When finished, the line should look similar to the following example:
-      </para>
-      <screen>rootpw {SSHA}vv2y+i6V6esazrIv70xSSnNAJE18bb2u</screen>
-      <warning>
-        <title>Warning</title>
-        <para>
-          LDAP passwords, including the <command>rootpw</command> directive specified in <filename>/etc/openldap/slapd.conf</filename>, are sent over the network <emphasis>unencrypted</emphasis>, unless TLS encryption is enabled.
-        </para>
-        <para>
-          To enable TLS encryption, review the comments in <filename>/etc/openldap/slapd.conf</filename> and refer to the man page for <filename>slapd.conf</filename>.
-        </para>
-      </warning>
-      <para>
-        For added security, the <command>rootpw</command> directive should be commented out after populating the LDAP directory by preceding it with a hash sign (<command>#</command>).
-      </para>
-      <para>
-        When using the <command>/usr/sbin/slapadd</command> command line tool locally to populate the LDAP directory, use of the <command>rootpw</command> directive is not necessary.
-      </para>
-      <important>
-        <title>Important</title>
-        <para>
-          Only the root user can use <command>/usr/sbin/slapadd</command>. However, the directory server runs as the <filename>ldap</filename> user. Therefore, the directory server is unable to modify any files created by <command>slapadd</command>. To correct this issue, after using <command>slapadd</command>, type the following command:
-        </para>
-        <screen>chown -R ldap /var/lib/ldap</screen>
-      </important>
-    </section>
   </section>
   <section id="s1-ldap-running">
     <title>Running an OpenLDAP Server</title>
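
Review bot: The removed section s2-ldap-files-slapd-conf carries two pieces of security-relevant guidance that the commit message ("no longer needed") does not account for: the warning that LDAP passwords, including rootpw, are sent over the network unencrypted unless TLS is enabled, and the advice to comment out rootpw after populating the directory. If the slapd.conf procedure itself is obsolete, please confirm that equivalent TLS and rootpw guidance survives elsewhere in the chapter, or move the warning block rather than deleting it. The same applies to the "chown -R ldap /var/lib/ldap" step after slapadd, which readers still need if slapadd remains documented. Also check the rest of the book for xref or link targets pointing at id="s2-ldap-files-slapd-conf", since removing the id will break them, and consider stating in the commit message why the section is obsolete.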

