From: Paul Wise
Date: Mon, 15 Aug 2016 07:58:58 +0000 (+0800)
Subject: Suggest using TLS when connecting to LDAP directly
X-Git-Tag: release-0.3.40~11
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;ds=sidebyside;h=d969b11020253ede6e8cf5cfa42ce21ab5791081;hp=a4643d03b4e27dac768e01a3145d67ac9fe3187d;p=mirror%2Fuserdir-ldap-cgi.git
Suggest using TLS when connecting to LDAP directly
Avoids manipulation of information by the network.
---
diff --git a/html/doc-direct.wml b/html/doc-direct.wml
index da7912a..2a08180 100644
--- a/html/doc-direct.wml
+++ b/html/doc-direct.wml
@@ -17,12 +17,12 @@ The LDAP utilities package (\
ldap-utils) provides an utility called ldapsearch that can be used
to execute direct queries to the database. This is done by supplying
the following arguments to ldapsearch: -x -H
-ldap://db.debian.org -b dc=debian,dc=org. Alternatively, the
+ldaps://db.debian.org -b dc=debian,dc=org. Alternatively, the
-H and -b options can be put in
one's ~/.ldaprc, in the following form:
[ dbharris@people: ~/ ]$ cat ~/.ldaprc
-HOST db.debian.org
+URI ldaps://db.debian.org
BASE dc=debian,dc=org
@@ -47,7 +47,7 @@ return. If you only specify the query, but don't provide any attributes to
return, all readable attributes are returned. While the example was quite
simple, complex queries can be performed as well:
-[ dbharris@people: ~/ ]$ ldapsearch -x -H ldap://db.debian.org -b dc=debian,dc=org '(&(!(loginshell=/bin/bash))(uid=*))' loginshell
+[ dbharris@people: ~/ ]$ ldapsearch -x -H ldaps://db.debian.org -b dc=debian,dc=org '(&(!(loginshell=/bin/bash))(uid=*))' loginshell