Am Donnerstag, den 24 Juli hub Ragnar Wisløff folgendes in die Tasten: > I've got Samba doing updates of the LDAP userPassword attribute when a > password change is initiated from a Windows client. However, this requires > binding using the admin LDAP user and supplying the admin password. > So far this is done in a Perl script and storing this admin password in > clear text in the script. I don't like having the password stored like this. > Is there another way? Is it somehow possible to access the password so that > it is not visible? I'm not sure, but it guess, it is possible, to handle the passwordchange under Unix via PAM, so it should be possible, to call /usr/bin/passwd when changing the (samba-)password. Then only PAM has to know the LDAP-admin-password (which is stored in /etc/ldap.secret anyway) Any PAM-guru here? :-) Now I know, what to do tonight... Ciao Max -- Thinking of using Win 2000 for your critical apps? Isn't there enough suffering in the world?!?
Attachment:
pgp00030.pgp
Description: PGP signature