CentOS 6.9, LDAP, Vault, Active Directory

Status
Not open for further replies.

MCP2000

MIS
May 24, 2002
159
US
Good Afternoon Folks,

It's been a long time since I posted here, but it's good to be back. I have an issue/goal that I have been trying to resolve/reach for a while, and I cannot seem to find all the right pieces to get me there.

I have some CentOS 6.9 servers which I want to authenticate against an Active Directory domain via LDAP. NOTE: I do NOT want to join these servers to the domain. I merely want to fire off an authentication exchange via LDAP when someone logs into the box. This is to simplify management.

Anyway, the challenge is that Active Directory, of course, does not allow anonymous bind. So, we set up a dedicated service account to use for binding to Active Directory in order to query it. The problem is, the keepers of the accounts do not want to give us the password or allow the password to be stored in clear text in a conf file.

So here is the question.....

Does anyone know of a way to 1) mask a password during entry into a 2) encrypted storage container (vault?) which can 3) be accessed by the LDAP config when a bind is necessary to authenticate a user?

The basic LDAP configuration stuff is no big deal, but the securing of the password while still allowing it to be used is the rub at this point.

Thanks for your help!
 