-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday 16 Jun 2004 20:48, Paul W. Frields wrote: > I'll be happy to do it. If you don't mind, find out if he wants to make > your changes first. ">I hope the community does remedy all those points to give this very >useful document a more robust treatment of security, and make FC2 a >little less complex to implement samba/ldap on. Definitely...I'm by no means an expert...I'm driven by a need to tie my Windoze and LTSP users together...hence Samba/LDAP....please...pitch in...feel free to rewrite the doc and please let me know if you do so I can try it :-)" Go ahead Paul, thanks. > > On Wed, 2004-06-16 at 15:42, Gavin Henry wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > This has come from the K12OSN project and I have it now on: > > > > http://FedoraNEWS.ORG/ghenry/ldap > > > > It's waiting for me to finish tagging/cleaning it. > > > > Would someone like to Docbook it up for the docs project? I have > > permission to do what ever to it. > > > > I am also on the LDAP team for tldp.org but not really done much about > > it, but this is a very good one to go into it. > > > > I have these points which I sent to him: > > > > 1. The backend ldap should be bdb not ldbm (discussed very in depth on > > the OpenLDAP lists). > > > > 2. You should really have access controls on the LDAP database, as anyone > > can then read your hashed password over the wire, unless, which I didn't > > notice, you only have the LDAP server listening on localhost? > > > > 3. You should be using TLS. > > > > 4. Could you do a wee conclusion, rounding everything off. > > > > > > > > > > P.S. I just found this one on his site: > > > > http://www.vcs.u52.k12.me.us/LDAP/The_SAMBA-LDAP_How-to.html > > > > I don't know which is newer, but this one seems more complete. > > > > I'll check. > > > > Gavin. > > > > I think this comes from: > > > > http://samba.idealx.org/smbldap-howto.en.html > > > > > > - ---------- Forwarded Message ---------- > > > > Subject: [K12OSN] Samba/LDAP how-to in OO format > > Date: Wednesday 16 Jun 2004 03:28 > > From: "David Trask" <dtrask@xxxxxxxxxxxxxxxxx> > > To: K12OSN@xxxxxxxxxx > > > > http://web.vcs.u52.k12.me.us/linux/Samba-LDAP.sxw > > > > here's the Samba LDAP how-to in OO format > > > > David N. Trask > > Technology Teacher/Coordinator > > Vassalboro Community School > > dtrask@xxxxxxxxxxxxxxxxx > > (207)923-3100 > > > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN@xxxxxxxxxx > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see <http://www.k12os.org> > > > > - ------------------------------------------------------- > > > > - -- > > Kind Regards, > > > > Gavin Henry. > > Managing Director. > > > > T +44 (0) 1224 587369 > > M +44 (0) 7930 323266 > > F +44 (0) 1224 742001 > > E ghenry@xxxxxxxxxxxxxxxxxx > > > > Open Source. Open Solutions. > > > > http://www.suretecsystems.com/ > > > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.2.4 (GNU/Linux) > > > > iD8DBQFA0KKxgNqd7Kng8UoRArTHAKDcOAa52LJQGuaEDeRo1GyTHd2VwQCfdxO8 > > SCZNaH+RdbzGzGx8cPaLdJs= > > =6Ckx > > -----END PGP SIGNATURE----- - -- Kind Regards, Gavin Henry. http://www.magicfx.co.uk http://FedoraNEWS.ORG/ghenry http://shorl.com/dokypyrirypa http://www.suretecsystems.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFA0WE8gNqd7Kng8UoRAgjjAJ4nbLDaerO42cZN1sjnXY5CSS96AACfXHrt bRHbT9edUB3o4rfvxpu/mjo= =rOK7 -----END PGP SIGNATURE-----
