Re: option for administrator DN?

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Arthur de Jong <arthur [at] arthurdejong.org>
To: nss-pam-ldapd-users <nss-pam-ldapd-users [at] lists.arthurdejong.org>
Subject: Re: option for administrator DN?
Date: Mon, 08 Feb 2010 19:36:31 +0100

On Fri, 5 Feb 2010, Jan Schampera wrote:
> I'd say "AdminDN" is misleading at all, because one might think of the 
> directory admin DN. Regardless of slapd.conf's naming.
>
> "RootDN" as in "use this DN when we are root" is better, yes.

The problem is that this is only used for password modification, e.g.
not for NSS lookups as the root user (like the rootbinddn option in
nss_ldap). Perhaps something more descriptive like rootchangepassworddn
would be an option (it is a bit long though).

I expect that this is the only place where write access to the LDAP
server is needed. Perhaps at some point it may be needed to update
session information though (the nssov overlay in slapd does this).

-- 
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org/ --

--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users

option for administrator DN?, Arthur de Jong
- Re: option for administrator DN?, Jan Schampera
  - Re: option for administrator DN?, Arthur de Jong

Prev by Date: Re: option for administrator DN?
Next by Date: libpam_ldap question and password change
Previous by thread: Re: option for administrator DN?
Next by thread: libpam_ldap question and password change