[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: disable password hash



>> -----Original Message-----
>> From: Kervin L. Pierre [mailto:kervin@blueprint-tech.com]
>
>> thanks for the clarification,
>>
>> But my problem remains because slapd insist on hashing the
>> userpassword  attribute when users are added.  This will cause me to
>> have to do an  extra modify to user accounts with every add, in my
>> situation this is  more trouble than it sounds like.
>
> ????? When entries are added, attribute values are stored verbatim.
> Nothing is modified, userpasswords are not hashed.
>

I wish that were the case, but unfortunately that's not what I'm seeing here.

The default password scheme is SHA1 ( or something similar ).  If the
'password-hash' keyword is not specified, then the userpassword attribute
is stored as a hash using the default scheme.
This is a problem for my perl module that needs the cleartext password so
the win32 system password can be set.
What I'm proposing is having a "null", "none", or "cleartext" arguement to
the 'password-hash' keyword so the password is left alone.
I would love to have feedback on how storing cleartext passwords in the
userpassword attribute can be achieved.  Kurt said that my patch broke
things but I don't know how.
--Kervin