Even if LDAP is the requirement - /etc/ldap.conf doesn't have to be world readable, does it? Rob Marti -----Original Message----- From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Stainforth, Matthew (SD/DS) Sent: Thursday, March 04, 2010 7:58 AM To: redhat-list@xxxxxxxxxx Subject: RE: Protecting the bindpw in /etc/ldap.conf > We're about to set up our RHEL servers to authenticate againts Active > Directory (AD) 2008. I'd like to protect the binding user password > (i.e. > bindpw) so that regulars users can't get hold of it. Are others doing > this > too, or does one not consider this as a security issue? If protecting > it, > how to you set up this? Kerberos is what I use instead of LDAP and it doesn't require a password, at least in my environment. Matt -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
