> | I thought the ldapd server served up addresses and names, how or why > | does one authenticate users based on this info? Isn't this info > | usually public as far as the organization is concerned? > > Yep. But nobody sane stores passwords in the clear anyway for > serious purposes. Normally what you store is a hash value based on the > password. Hmm. Until now, I thought that hashed passwords, stored in a directory, are not "more" public than hashes stored in the shadow. Assumed, that the LDAP-ACL's are set proper. If you allow access to passwords only for authentication (binding), and deny every other access, there is no significant difference? Or do I overlook the most obvious - what happens surely is one of the lots of my major issues ;-) ? -- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
