Best practices of OpenLDAP

We have seen during the course of this book that we can centralize user accounts on an OpenLDAP server or, if we want to ease some administration features on CentOS, we can use the 389-ds. Either way, the underlying directory is OpenLDAP. Now, of course, if the user accounts exist in the directory, then so do our authentication tokens (passwords). We need to ensure that this is secure and effective. OpenLDAP supports different mechanisms for authentication; each, of course, has advantages and disadvantages, as follows:

  • Simple bind: Using the simple bind authentication mechanism, clients pass a clear text password to authenticate themselves to the server. This carries three potential threats: the password can be collected ...
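
To make the simple bind point concrete, here is an added example (not from the book) in Python that decodes LDAP BindRequest PDUs as defined in RFC 4511 and reports whether a client used a simple bind or SASL, which is useful when auditing which clients still send passwords this way. The helper names, DN and password are constructed for illustration, and the password itself is never extracted.

```python
# Added example: classify LDAP BindRequest PDUs (RFC 4511) without extracting secrets.
def tlv(tag, value):
    """Encode one BER TLV, short- or long-form length."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    ln = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(ln)]) + ln + value

def read_tlv(buf, pos):
    """Decode one BER TLV at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the count of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated TLV")
    return tag, buf[pos:pos + length], pos + length

def classify_bind(pdu):
    """Return {'dn', 'method'} for a BindRequest, or None for any other PDU."""
    tag, msg, _ = read_tlv(pdu, 0)
    if tag != 0x30:                       # LDAPMessage is a SEQUENCE
        return None
    _, _, pos = read_tlv(msg, 0)          # skip messageID
    tag, bind, _ = read_tlv(msg, pos)
    if tag != 0x60:                       # [APPLICATION 0] = BindRequest
        return None
    _, _, pos = read_tlv(bind, 0)         # skip version
    _, name, pos = read_tlv(bind, pos)    # bind DN
    auth_tag, auth, _ = read_tlv(bind, pos)
    if auth_tag == 0x80:                  # [0] simple: value is the raw password
        method = "simple" if auth else ("unauthenticated" if name else "anonymous")
    elif auth_tag == 0xA3:                # [3] SASL: first element is the mechanism
        method = "sasl:" + read_tlv(auth, 0)[1].decode()
    else:
        method = "unknown"
    return {"dn": name.decode(), "method": method}

def build_bind(msg_id, dn, auth):
    """Build a sample BindRequest (constructed test data, LDAPv3)."""
    body = tlv(0x02, b"\x03") + tlv(0x04, dn.encode()) + auth
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + tlv(0x60, body))

# Constructed sample PDUs; the DN and password are made up.
SIMPLE = build_bind(1, "uid=alice,ou=people,dc=example,dc=com", tlv(0x80, b"example-password"))
SASL = build_bind(2, "", tlv(0xA3, tlv(0x04, b"GSSAPI")))
for pdu in (SIMPLE, SASL):
    print(classify_bind(pdu))
```

A `simple` result means the password bytes sit unmodified inside the request, so they are readable in transit unless the connection itself is encrypted.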
