![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/debian/README.debian b/debian/README.debian
index 9f57efc873a79f03d296557c50bd6e3aff62372c..e20cf4a2e20530225e2a4a56b2e150609dbcc5ca 100644 (file)
--- a/debian/README.debian
+++ b/debian/README.debian
README.Debian for GOsa 2.5
--------------------------
+* Migrating from earlier Versions
+
+There was a schema change somewhere before 2.5. If you have goServer objects
+inside of your LDAP, you need to export your LDAP contents and add a
+
+objectClass: GOhard
+
+to every entry containing the goServer objectclass.
+
+
* Configure GOsa
By default you can point your favorite browser to the GOsa setup by
debian smarty package to support PHP5 in a propper way.
-* Local configuration - secruity issues
+* Local configuration - security issues
You should be aware, that GOsa reads its configuration files which store
an important LDAP password as the www-data user. If you allow other
people to have i.e. public html directories, they will be able to read
this configuration as well - if you don't take steps against it.
+As a simple solution, you can pass a master password via request headers.
+This can be achieved by running:
+
+# a2enmod headers
+# gosa-encrypt-passwords
+# Remove the comment for /etc/gosa/gosa.secrets in /etc/gosa/apache.conf
+# /etc/init.d/apache2 reload
+
+
----
Cajus Pollmeier <cajus@debian.org> Fri 02 Jun 2006 16:23:50 +0200