On Wed, 2009-11-25 at 13:41 +0100, dan kakon wrote: > Hello John, > > I don't show user's has passwd (userPassword), when i type this > command "ldapsearch -x "uid=dkakon"". > Help me please userPassword is hidden from most users when they search, as its contents can be used in an offline dictionary attack or compared against a rainbow table to discover the actual password. This includes anonymous searches. If you are using pam_ldap and either an LDAPS or LDAP+TLS connection, nobody needs to be able to read the userPassword attribute anyway. If you really want to change this, you can look at the default ACLs that were added to your directory when you created it. That's a bad idea, though. -- -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3551 bytes Desc: not available Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20091125/f028cda5/attachment.bin
