July 27th, 2011, 10:39 AM
Best (most secure) way to allow user-based LDAP authentication
I am new to LDAP and would like to ask a very basic question. My apologies if this subject had already been discussed, but I cannot seem to find a good answer yet.
What is the best way to allow write access to LDAP, based on *nix user accounts? In other words, I would like user 'root' or 'abc' to be able to manipulate entries without needing the LDAP password. Is this possible? If it is, what is the most secure way?
PS: The user will have an account on the LDAP server machine