Web lists-archives.com

[Samba] Disabling password expiry for a AD service account for accessing LDAPS, and security best practices.




Dear samba-list, please disregard my previous post.
Since posting I have found a way to avoid the need to create a dedicated AD service account purely to allow Redmine to authenticate via LDAPS and AD. This neatly circumvents my original issue and is much more secure to boot.

For future Redmine users googling, refer to this document here:
https://www.redmine.org/projects/redmine/wiki/RedmineLDAP

The section "Dynamic Bind" in the aforementioned document described how you can force Redmine to assume thatt supplied login credentials are a valid AD account, and to verify these credentials via LDAPS.

Thanks
Stephen Ellwood


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba