[Maximilian Wilhelm] > If someone can read this file (=he is root!), we'll other problems... Yes, but being root on a workstation should give the person write access to the central LDAP database. The security of the main server should not depend on the security of each client machine.