Ubuntu 10.04 ldap creates admin user with two (plain text) passwords
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu Server Guide |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
In [1], the way the admin user is configured is wrong. You shouldn't make a admin user in ou=people *and* set a olcRootPW as well. See [2]. If you do specify a olcRootPW, don't make the admin user. If you do both, you can have an admin user with two passwords (which I had).
Also, the password is supplied in plain text, meaning the server also stores it as plain text (do:
ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b olcDatabase=
so see your password in the tree).
Instead, generate a hash with slappasswd.
So, either use olcRootPW or make an admin entry in ou=people. The 12.04 docs seem to do it right (they make the entry without rootpw).
[1] https:/
[2] http://
affects: | ubuntu-docs (Ubuntu) → serverguide |
Agreed, but we won't be making any corrections to the 10.04 Server Guide. I'm marking this one as 'Won't Fix'. Sorry.