4 Dec
2008
4 Dec
'08
3:49 a.m.
Ben Little wrote:
Yeah, I'm not sure I want to use LDAP (clear text) for authentication.
LDAP is a database, not a password management system. If the incoming Access-Requests contain clear-text passwords, then there is no additional security problem when you check them against LDAP.
I'm starting to think that I can just use md5 passwords in a database or a flat file to manage it, there's really not that many "administrative" users for the cisco equipment. It's either that or pony up several thousands for the Cisco ACS server...it was worth beating my head against a wall for a few days though :-)
Use LDAP. Configure it, and it will work. Alan DeKok.