Use better password hashing by default
This commit is contained in:
parent
23a8bc9717
commit
8ce68659d9
1 changed files with 5 additions and 0 deletions
|
@ -11,6 +11,9 @@ olcLogLevel: none
|
||||||
# The tool-threads parameter sets the actual amount of cpu's that is used
|
# The tool-threads parameter sets the actual amount of cpu's that is used
|
||||||
# for indexing.
|
# for indexing.
|
||||||
olcToolThreads: 1
|
olcToolThreads: 1
|
||||||
|
# Define used format for CRYPT algorithm
|
||||||
|
# (SHA-512 16-char-salt 50000 rounds)
|
||||||
|
olcPasswordCryptSaltFormat: $6$rounds=50000$%.16s
|
||||||
|
|
||||||
# Frontend settings
|
# Frontend settings
|
||||||
dn: olcDatabase={-1}frontend,cn=config
|
dn: olcDatabase={-1}frontend,cn=config
|
||||||
|
@ -24,6 +27,8 @@ olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,c
|
||||||
# Allow unauthenticated read access for schema and base DN autodiscovery
|
# Allow unauthenticated read access for schema and base DN autodiscovery
|
||||||
olcAccess: {1}to dn.exact="" by * read
|
olcAccess: {1}to dn.exact="" by * read
|
||||||
olcAccess: {2}to dn.base="cn=Subschema" by * read
|
olcAccess: {2}to dn.base="cn=Subschema" by * read
|
||||||
|
# Define CRYPT as preferred algorighm for password hashing
|
||||||
|
olcPasswordHash: {CRYPT}
|
||||||
|
|
||||||
# Config db settings
|
# Config db settings
|
||||||
dn: olcDatabase=config,cn=config
|
dn: olcDatabase=config,cn=config
|
||||||
|
|
Loading…
Reference in a new issue