Strong LDAP Synchronization

I have teamcity set up to run under a windows service account that is on the domain. I would like LDAP to use this account for synchronization binding. In other words, I don't want to specify

java.naming.security.principal=whatever
java.naming.security.credentials=whatever

because these are stored in plain text in ldap-config. What settings do I need to use do to this?

3 comments
Comment actions Permalink

Hi Dave,

LDAP password is indeed stored in plain text, it is a known issue (hopefully will be fixed shortly), but these properties are mandatory for synchronization and in most cases for authorization.


--
Maxim

0
Comment actions Permalink

If there's an YouTrack issue for this, I'd be happy to vote for it. :)

0
Comment actions Permalink

Dave,

I've created one: http://youtrack.jetbrains.net/issue/TW-19432
Unfortunately this issue depends on feature "Edit LDAP properties from web UI", so it's highly unlikely it will be fixed in 7.0. More likely in 7.x.


--
Maxim

0

Please sign in to leave a comment.