The mailing list for listmasters using Sympa

[Stewart James <address@concealed>]

Hi All,

I have sympa setup to use an LDAP Database for authentication.

Just for fun I thought what information I get when I 'remind' a list.

Even though all the subscribers are authenticated by LDAP they were sent a
password in the reminder (obvioulsy not the LDAP password).

So I logged in with the nonLDAP password - and it worked! this to me is
bad.

I took it further and sympa allows me to change the nonLDAP password. It
even let me change it when I logged in using the LDAP password.

Hoiw do I stop sympa from allowing people who are in LDAP from
Authenticating. I am sure when I first played with Sympa that things like
changing your password were not available to people who authenticated cia
LDAP, so I am think I broke something.

Can anyone offer some help, or are these known issues for sympa.

Thanks,

Stewart