Credential Storage (System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP))

System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP)

Previous: Transport Layer Security (TLS)
Next: Choosing Authentication Methods

Credential Storage

If you configure a client to use a proxy identity, the client saves its proxyDN and proxyPassword in /var/ldap/ldap_client_cred. For the sake of increased security, this file is restricted to root access only, and the value of proxyPassword is encrypted. While past LDAP implementations have stored proxy credentials in a client's profile, Solaris 9 LDAP naming services do not. Any proxy credentials set using ldapclient during initialization are stored locally. This results in improved security surrounding a proxy's DN and password information. See Chapter 16, Setting Up Clients (Tasks) for more information on setting up client profiles.

Previous: Transport Layer Security (TLS)
Next: Choosing Authentication Methods