lists.arthurdejong.org
RSS feed

Re: [nssldap] nss_ldap, tls_key, and nscd

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: [nssldap] nss_ldap, tls_key, and nscd



Chris Adams a écrit :
I guess lots of other people are using nss_ldap; how do you control
access to the LDAP server(s)?  Just using IP-based filters (host
firewalls, router ACLs, etc.)?
We use router ACLs to make LDAP server unaccessible from outside.

For nss, I used unencrypted anonymous connection for a long time, and recently switched to autenticated connections over tls, with a trivial passord, but only in order to distinguish nss traffic (the most inportant one) more easily on server side.

--
BOFH excuse #154:

You can tune a file system, but you can't tune a fish (from most tunefs man pages)