Looks like LDAP uses plain old crypt(), and I am forced into using that b/c of the setup here. Time to make sure the LDAP server is secure at least. Thanks for your help Gordon. Shawn Quoting Gordon Tetlow <gordont_at_gnf.org>: > On Mon, May 19, 2003 at 02:41:27PM -0500, Shawn Debnath wrote: > > Hi, > > > > Thanks for replying. Yes, we have a centralized linux LDAP server and all > > account information and passwords are stored in it. Why are you using > kerberos > > instead of LDAP for passwords? Any specific gains from doing this? > > I'm a stickler for having account details and authentication portions > separated. Basically passwords in LDAP are less secure than shadow > passwords unless special care is taken with ACLs. I try to keep my > administration nightmare to a minimum by just using Kerberos instead > of worrying about ACLs. With the passwords not in LDAP, I don't have > to worry about securing my directory too much. > > -gordon > --Received on Mon May 19 2003 - 11:17:57 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:08 UTC