From: Kurt Zeilenga Date: Tue, 19 Jan 1999 23:10:47 +0000 (+0000) Subject: Import slapd.conf and ldap.conf changes from -devel X-Git-Tag: OPENLDAP_REL_ENG_1_1_3~9 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bd4aaf1d72537a74c383a26e10df140be43b7559;p=thirdparty%2Fopenldap.git Import slapd.conf and ldap.conf changes from -devel Mainly comment on 'read' privs and provide references to man pages --- diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5 index a53a3c41bf..3d7831293d 100644 --- a/doc/man/man5/slapd.conf.5 +++ b/doc/man/man5/slapd.conf.5 @@ -238,7 +238,10 @@ Specify the DN of an entry that is not subject to access control or administrative limit restrictions for operations on this database. .TP .B rootpw -Specify a password for the rootdn. +Specify a password (or hash of the password) for the rootdn. +This option accepts all password formats known to the server +including \fB{SHA}\fP, \fB{MD5}\fP, \fB{CRYPT}\fP, and cleartext. +Cleartext passwords are not recommended. .TP .B suffix Specify the DN suffix of queries that will be passed to this diff --git a/libraries/libldap/ldap.conf b/libraries/libldap/ldap.conf index b3d3a6646d..28ca7f5d76 100644 --- a/libraries/libldap/ldap.conf +++ b/libraries/libldap/ldap.conf @@ -2,6 +2,9 @@ # LDAP Defaults # +# See ldap.conf(5) for details +# This file should be world readable. + BASE dc=OpenLDAP, dc=Org HOST ldap.openldap.org diff --git a/servers/slapd/slapd.conf b/servers/slapd/slapd.conf index 901e569382..80e121d300 100644 --- a/servers/slapd/slapd.conf +++ b/servers/slapd/slapd.conf @@ -1,3 +1,7 @@ +# +# See slapd.conf(5) for details on configuration options. +# This file should NOT be world readable. +# include %SYSCONFDIR%/slapd.at.conf include %SYSCONFDIR%/slapd.oc.conf schemacheck off @@ -14,3 +18,5 @@ directory /usr/tmp rootdn "cn=root, dc=your-domain, dc=com" #rootdn "cn=root, o=Your Organization Name, c=US" rootpw secret +# cleartext passwords, especially for the rootdn, should +# be avoid. See slapd.conf(5) for details.