Use DIGEST-MD5 authentication for OpenLDAP replication

This avoids passing rootdn passwords or replicated data in cleartext across the network. Signed-of-by: Andrew Bartlett <abartlet@samba.org> (This used to be commit 67373c143a1d8a9f310fd116dbf81c1dd123b75f)
author: Oliver Liebel <oliver@itc.li> 2008-09-08 14:39:54 +1000
committer: Andrew Bartlett <abartlet@samba.org> 2008-09-08 14:39:54 +1000
commit: b76f383eefe961e8a2f42ac782031e3e09ff7192 (patch)
tree: 61660ccf360213e6e4609b308726b31cfb13c9f2 /source4/setup/mmr_syncrepl.conf
parent: a33eaf564fed201994e799c0f724cd41a3848dc5 (diff)
download: samba-b76f383eefe961e8a2f42ac782031e3e09ff7192.tar.gz
samba-b76f383eefe961e8a2f42ac782031e3e09ff7192.tar.bz2
samba-b76f383eefe961e8a2f42ac782031e3e09ff7192.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/source4/setup/mmr_syncrepl.conf b/source4/setup/mmr_syncrepl.conf
index 3a207b2d13..1373858c4e 100644
--- a/source4/setup/mmr_syncrepl.conf
+++ b/source4/setup/mmr_syncrepl.conf
@@ -5,7 +5,8 @@ syncrepl rid=${RID}
 	searchbase="${MMRDN}"
 	type=refreshAndPersist
 	retry="10 +"
-	bindmethod=simple
-	binddn="CN=Manager,${MMRDN}"
+	bindmethod=sasl
+	saslmech=DIGEST-MD5
+	authcid="replicator"
 	credentials="${MMR_PASSWORD}"
author	Oliver Liebel <oliver@itc.li>	2008-09-08 14:39:54 +1000
committer	Andrew Bartlett <abartlet@samba.org>	2008-09-08 14:39:54 +1000
commit	b76f383eefe961e8a2f42ac782031e3e09ff7192 (patch)
tree	61660ccf360213e6e4609b308726b31cfb13c9f2 /source4/setup/mmr_syncrepl.conf
parent	a33eaf564fed201994e799c0f724cd41a3848dc5 (diff)
download	samba-b76f383eefe961e8a2f42ac782031e3e09ff7192.tar.gz samba-b76f383eefe961e8a2f42ac782031e3e09ff7192.tar.bz2 samba-b76f383eefe961e8a2f42ac782031e3e09ff7192.zip