[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: disable password hash

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: disable password hash
From: "Kervin L. Pierre" <kervin@blueprint-tech.com>
Date: Thu, 23 May 2002 02:40:35 -0400
Cc: hyc@highlandsun.com, openldap-devel@OpenLDAP.org
References: <NMEFLNHODBAOPDKNNJALOEEOCOAA.hyc@highlandsun.com> <10658.163.118.3.50.1022118453.squirrel@blueprint-tech.com> <NMEFLNHODBAOPDKNNJALOEEOCOAA.hyc@highlandsun.com> <5.1.0.14.0.20020522214128.023cfb58@127.0.0.1>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0+) Gecko/20020428

thanks for the clarification,

But my problem remains because slapd insist on hashing the userpassword attribute when users are added. This will cause me to have to do an extra modify to user accounts with every add, in my situation this is more trouble than it sounds like.

I would like to have slapd *not* hash the userpassword attribute, and just store the value recieved unencrypted, just like any other attribute. Is this possible?

Kurt D. Zeilenga wrote:

At 08:49 PM 2002-05-22, kervin@blueprint-tech.com wrote:
The patch causes {CLEARTEXT} scheme to be treated just as the other schemes.
That would break clear text passwords.


I am not seeing how.  Could you please clarify?

I assume the problem is that you are trying to use
Password Modify EXOP.  password-hash {CLEARTEXT}
doesn't work because there is no hash function
for the scheme.

I read the exop draft several times and I can't understand what it does or how I would use it. I need to stick to 1823 functions though, because I need to create users from PHP and maybe other platforms that *may* not support this extension.

--Kervin

Follow-Ups:
- RE: disable password hash
  - From: "Howard Chu" <hyc@highlandsun.com>

References:
- RE: disable password hash
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: RE: disable password hash
Next by Date: RE: disable password hash
Index(es):
- Chronological
- Thread