Em Fri, Aug 04, 2000 at 06:32:37PM -0700, W. Reilly Cooley, Esq. escreveu: > Is it really more secure? Forgive me if I'm missing something here, > but the effect of setting ACL which prevents anyone from reading the > hashed password is that the module has to bind to the LDAP server as > the user, which requires passing their password in clear text over This is an issue with openldap-1.2.x, but solved in 2.0. Anyway, you can still use some SSL wrapper, like stunnel, with openldap-1.2.x. I have a patched authconfig that configures stunnel to work with LDAP regarding authentication. With this setup, both the client and the server have to have stunnel running. -- Andreas Hasenack andreas@conectiva.com.br BIG Linux user!
