Ldap security question
I'm currently trying to setup samba as a primary domain controller using ldap, but to do so, I need an account in ldap with uid = 0, so that I can add machines to the domain. Otherwise it fails with access denied.
My boss is worried that if someone hacks our ldap server, they can get at all of our machines using that account. Is it really that much of a concern? Or is there a work around?
|