[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openldap-software
Subject:    Re: stupid overall scheme of things question..
From:       "Dieter Kluenter" <dieter () dkluenter ! de>
Date:       2005-01-29 6:39:33
Message-ID: m3wttwu4be.fsf () marin ! l4b ! de
[Download RAW message or body]

Roger Morris <roger.in.eugene@gmail.com> writes:

> Organization has an LDAP server, lets call it ldap1
> I have a web server,call it web1.  I have it setup such that if
> someone logs in to do work on their pages, the authentication is done
> via ldap on ldap1.
>
> Does web1 need to run slapd at all?  I just have /etc/ldap.conf setup.

There is no slapd required on web1

> the LDAP admin is restricting anonymous bind, so I have to use binddn
> and bindpw in /etc/ldap.conf.  Authentication fails if I try to go
> with passwd in just /etc/ldap.secret, I have to have bindpw set in
> /etc/ldap.conf   I would prefer the users not have access to the
> bindpw.   If I were to use slapd, would I then point the ldap info in
> /etc/ldap.conf to the localhost?   I could then use access lists in
> slapd.conf to limit what users could see.

binddn and bindpw are not valid parameters in OPenLDAP's ldap.conf,
configure mod_auth_ldap on web1.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:01443B53
[prev in list] [next in list] [prev in thread] [next in thread]