> One possible solution is to have the main LDAP server addressable only > via STARTTLS and a non-SSL, read-only slave on a different host that's > visible only to your LAN.
Very interesting. It would also address some concerns I had with all these third-party LDAP plugins having (potential) write access to the repo. Thanks a lot for the idea! _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
