[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: disable password hash

To: <Kurt@OpenLDAP.org>
Subject: RE: disable password hash
From: kervin@blueprint-tech.com
Date: Thu, 23 May 2002 15:58:51 -0400 (EDT)
Cc: <kervin@blueprint-tech.com>, <hyc@highlandsun.com>, <openldap-devel@OpenLDAP.org>
Importance: Normal
In-reply-to: <5.1.0.14.0.20020523103057.0247cad0@127.0.0.1>
References: <NMEFLNHODBAOPDKNNJALIEFICOAA.hyc@highlandsun.com> <3CEC8EE3.6060900@blueprint-tech.com> <NMEFLNHODBAOPDKNNJALIEFICOAA.hyc@highlandsun.com> <5.1.0.14.0.20020523103057.0247cad0@127.0.0.1>

> At 10:07 AM 2002-05-23, kervin@blueprint-tech.com wrote:
>>The default password scheme is SHA1 ( or something similar ).  If the
>>'password-hash' keyword is not specified, then the userpassword
>>attribute is stored as a hash using the default scheme.
>
> No.  password-hash only impacts the password-modify exop is used.
> When LDAP add/modify are used to update userPassword, slapd will
> not alter the value provided by the client.
>
> Kurt

Yes.

I see what my problem is.  'userpassword' attribute is passed to the
backend base64 encoded.  That's done in entry2str().  The backend needs to
decode it before it uses that attribute.

Thanks,
--Kervin

References:
- RE: disable password hash
  - From: "Howard Chu" <hyc@highlandsun.com>
- Re: disable password hash
  - From: "Kervin L. Pierre" <kervin@blueprint-tech.com>
- RE: disable password hash
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: RE: disable password hash
Next by Date: how to configure ldap for netscape
Index(es):
- Chronological
- Thread