Am Wed, 17 Aug 2016 14:19:08 +0000 schrieb "Kruger, P (Justid)" <[email protected]>:
> We succesfully installed openldap with: > > - Replication > > - Password policy > > After applying config policy with olcPPolicyHashCleartext: TRUE the > password the replicator user password gets encrypted with ssha. wrong attribute, read slapd-config(5) on olcPasswordHash > Although, according to what I've read, the password with simple bind > should not be encrypted, it seems that replication still is > functioning. The stored Password should be hashed, but as part of a bind operation the password transport must be cleartext. > Questions: > Can anybody tell me if should be expected to cause a problem? > How do you handle the replication user and password in regards to > encrypted passwords? use TLS, or rely on SASL and DIGEST-MD5. > > Second problem we are facing is that the replication OU and > underlaying account are not visible anymore. With slapcat the OU is > still visible in the LDIF file, but not in the LDAP viewer. If I'm > not mistaken, the record is of the type GLUE, which might indicate > that it is not properly replicated and therefore not visible? access rules? do you replicate subordinate databases? [...] -Dieter -- Dieter Klünter | Systemberatung http://sys4.de GPG Key ID: E9ED159B 53°37'09,95"N 10°08'02,42"E
