本文探讨了NDS(Novell目录服务)如何通过LDAP进行密码管理。NDS自动将用户密码属性与登录属性关联,并允许通过LDAP进行绑定。但由于Novell的安全模型,密码属性无法直接从目录中读取。
MSN:zhoujianguo_leo@hotmail.com
Generally, reading data from NDS and writing data to NDS works with LDAP as you would expect. However, there are a few things of which you should be aware. First, passwords are not treated as any other attribute. Whenever you define userPassword as part of a class in a schema definition, NDS will automatically associate your class with the ndsLoginProperties class and will provide the userPassword as part of the NDS login properties. This allows the object to either log in to NDS or to bind to NDS using LDAP. Because of Novell's security model with NDS, the userPassword attribute cannot be read from the directory. However, you can set the userPassword attribute. In effect, this changes the NDS password for that object.
Generally, reading data from NDS and writing data to NDS works with LDAP as you would expect. However, there are a few things of which you should be aware. First, passwords are not treated as any other attribute. Whenever you define userPassword as part of a class in a schema definition, NDS will automatically associate your class with the ndsLoginProperties class and will provide the userPassword as part of the NDS login properties. This allows the object to either log in to NDS or to bind to NDS using LDAP. Because of Novell's security model with NDS, the userPassword attribute cannot be read from the directory. However, you can set the userPassword attribute. In effect, this changes the NDS password for that object.
扫一扫
2万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
