On Wed, 2009-11-25 at 13:41 +0100, dan kakon wrote: > Hello John, > > I don't show user's has passwd (userPassword), when i type this > command "ldapsearch -x "uid=dkakon"". > Help me please userPassword is hidden from most users when they search, as its contents can be used in an offline dictionary attack or compared against a rainbow table to discover the actual password. This includes anonymous searches. If you are using pam_ldap and either an LDAPS or LDAP+TLS connection, nobody needs to be able to read the userPassword attribute anyway. If you really want to change this, you can look at the default ACLs that were added to your directory when you created it. That's a bad idea, though. --
<<attachment: smime.p7s>>
-- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
