It seems the LDAP auth source password is cleartext in the DB. I was
wondering if this could be stored as a hash instead, like user
passwords are. If this is something that would be OK to have added
let me know and I'll create a ticket for it.
Thanks,
Jake
You should create a ticket. Furthermore, why is foreman storing a password if its using LDAP?
Corey
It seems the LDAP auth source password is cleartext in the DB. I was
wondering if this could be stored as a hash instead, like user
passwords are. If this is something that would be OK to have added
let me know and I’ll create a ticket for it.Thanks,
Jake–
You received this message because you are subscribed to the Google Groups “Foreman users” group.
To post to this group, send email to foreman-users@googlegroups.com.
To unsubscribe from this group, send email to foreman-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/foreman-users?hl=en.
Its the username/password to login to AD as to do the queries for
everyone else with. It's optional, we need it.
I'll create a ticket then shortly.
Thanks,
Jake
I guess he means the user used to bind to LDAP.
If that's correct, inputting the password should be optional - as you can
specify:
Username: yourdomain$login
And leave the password blank.
It will then use the login/password of the current user for binding.
Cheers,
Marcello
You should create a ticket. Furthermore, why is foreman storing a password
if its using LDAP?
Corey
On May 24, 2011, at 1:57 PM, Jake - USPS wrote:
It seems the LDAP auth source password is cleartext in the DB. I was
wondering if this could be stored as a hash instead, like user
passwords are. If this is something that would be OK to have added
let me know and I’ll create a ticket for it.Thanks,
Jake–
You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To post to this group, send email to foreman-users@googlegroups.com.
To unsubscribe from this group, send email to
foreman-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/foreman-users?hl=en.
–
You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To post to this group, send email to foreman-users@googlegroups.com.
To unsubscribe from this group, send email to
foreman-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/foreman-users?hl=en.
Bug #941: LDAP Auth source password stored cleartext - Foreman created.
Thanks!
Jake
The password should be encrypted in the database.
Corey
I guess he means the user used to bind to LDAP.
If that’s correct, inputting the password should be optional - as you can
specify:Username: yourdomain$login
And leave the password blank.It will then use the login/password of the current user for binding.
Cheers,
Marcello-----Original Message-----
From: foreman-users@googlegroups.com [mailto:foreman-users@googlegroups.com]
On Behalf Of Corey Osman
Sent: dinsdag 24 mei 2011 23:03
To: foreman-users@googlegroups.com
Subject: Re: [foreman-users] LDAP auth source password cleartext in DBYou should create a ticket. Furthermore, why is foreman storing a password
if its using LDAP?Corey
On May 24, 2011, at 1:57 PM, Jake - USPS wrote:It seems the LDAP auth source password is cleartext in the DB. I was
wondering if this could be stored as a hash instead, like user
passwords are. If this is something that would be OK to have added
let me know and I’ll create a ticket for it.Thanks,
Jake–
You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To post to this group, send email to foreman-users@googlegroups.com.
To unsubscribe from this group, send email to
foreman-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/foreman-users?hl=en.–
You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To post to this group, send email to foreman-users@googlegroups.com.
To unsubscribe from this group, send email to
foreman-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/foreman-users?hl=en.–
You received this message because you are subscribed to the Google Groups “Foreman users” group.
To post to this group, send email to foreman-users@googlegroups.com.
To unsubscribe from this group, send email to foreman-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/foreman-users?hl=en.
Dude, that worked! I like that much better then what I was doing.
I'm assuming since there are both a username/password field in the
LDAP Auth source that there could be a need for both to be filled
sometimes? So I think saving the password cleartext should still be
addressed. But I guess I don't care anymore since I have a better
solution for my environment! 
Thanks again!
Jake