[Archivesspace_Users_Group] LDAP credentials stored at plaintext?

Zachary L Pelli zachary.pelli at shu.edu
Mon Sep 26 16:30:29 EDT 2016


We're working on getting ArchivesSpace configured and our IT department has some concerns. They wish to use LDAP (probably Active Directory) for user authentication. To do this, we would have to have valid bind credentials stored in the config file. The problem they see is that this file is stored with those credentials unencrypted, which is a safety concern.

Have others considered this when setting up their LDAP implementations? What have you done to alleviate this risk?

Thank you,

Zach Pelli
Digital Collections Developer
Seton Hall University Library
zachary.pelli at shu.edu<mailto:zachary.pelli at shu.edu>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lyralists.lyrasis.org/pipermail/archivesspace_users_group/attachments/20160926/81236c82/attachment.html>

More information about the Archivesspace_Users_Group mailing list