OpenLDAP 2.2 as an attack surface
Centralising authentication on OpenLDAP does not remove the credential problem: it moves it from the local password to the channel and the directory's configuration. A technical note on slapd, syncrepl, SASL/TLS and the places where security is actually decided.
Read more