Use better password hashing by default
This commit is contained in:
parent
23a8bc9717
commit
8ce68659d9
1 changed files with 5 additions and 0 deletions
|
@ -11,6 +11,9 @@ olcLogLevel: none
|
|||
# The tool-threads parameter sets the actual amount of cpu's that is used
|
||||
# for indexing.
|
||||
olcToolThreads: 1
|
||||
# Define used format for CRYPT algorithm
|
||||
# (SHA-512 16-char-salt 50000 rounds)
|
||||
olcPasswordCryptSaltFormat: $6$rounds=50000$%.16s
|
||||
|
||||
# Frontend settings
|
||||
dn: olcDatabase={-1}frontend,cn=config
|
||||
|
@ -24,6 +27,8 @@ olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,c
|
|||
# Allow unauthenticated read access for schema and base DN autodiscovery
|
||||
olcAccess: {1}to dn.exact="" by * read
|
||||
olcAccess: {2}to dn.base="cn=Subschema" by * read
|
||||
# Define CRYPT as preferred algorighm for password hashing
|
||||
olcPasswordHash: {CRYPT}
|
||||
|
||||
# Config db settings
|
||||
dn: olcDatabase=config,cn=config
|
||||
|
|
Loading…
Reference in a new issue