[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#7981) Feature request: Crypt scheme in pwdPolicy

To: openldap-its@OpenLDAP.org
Subject: (ITS#7981) Feature request: Crypt scheme in pwdPolicy
From: michael@stroeder.com
Date: Fri, 14 Nov 2014 09:31:25 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

Full_Name: 
Version: 
OS: 
URL: 
Submission from: (NULL) (79.219.125.95)


It would be handy if the password storage/crypt scheme could be specified in a
pwdPolicy entry. LDAP Modify Password Ext.Op. should use this information
instead of global configuration olcPasswordHash.

Rationale: There might be in one database several different account types needed
with pwdPolicySubentry pointing to separate pwdPolicy entries.

Example:
- Normal account with strongly hashed password for direct LDAP simple bind
- Clear-text userPassword for WLAN authenticated through RADIUS server

Ideally this should be standardized when the ldapext WG is revived. ;-)

Prev by Date: (ITS#7980) LMDB added support for user context in compare function
Next by Date: (ITS#7982) Add tls cipher suite, protocol to ldapsearch debug logging
Index(es):
- Chronological
- Thread