Hi Rob, As a company we turn off anonymous bind for security reasons, but have a number of sysaccounts that are used in scripts to bind as that bind user and complete an ldapsearch (e.g get list of users, get monitoring metrics). We also have systems such as phabricator that require a sysaccount to connect to freeipa for user login.
At the moment the search and binds are completed using user and password, but we'd like to move away from having to store the password anywhere and instead use certificates ideally provided by the freeipa server. Hope this makes more sense. Thanks, Tania _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
