I have a IPA server running on CentOS server. I have multiple Solaris boxes that use this IPA server for SSH authentication. When configuring the Solaris hosts to be IPA clients, one of the things i had to do was to configure LDAP. This involved editing the /etc/ldap.conf file. It looks like this now -
binddn uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com bindpw <password in plain text> ssl start_tls tls_cacertfile /var/ldap/cer8.db tls_checkpeer yes bind_timelimit 5 timelimit 15 uri ldap://example.com sudoers_base ou=SUDOers,dc=example,dc=com TLS_CERT /var/ldap/cer8.db As you can see, the bind password is being stored in clear text. Is there a workaround for this? Has someone done this on a Solaris-11 platform? Thanks.
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
