[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: crypt passwords



This may be slightly unrelated, but can I remove the rootpw and rootdn
lines from slapd.conf altogether and instead use an ACL referring a
database entry which has all permissions?

As far as creating passwords is concerned, I use the following Perl
snippet to do it:

sub salt
{
	return join ( "" , ( "." , "/" , 0..9 , "A".."Z" , "a".."z" ) [rand 64 , rand 64] ) ;
}
sub makepass
{
	my $plaintextpass = shift ;
	return crypt ( $plaintextpass , salt () ) ;
}

And before you ask, yes, I do code in that fashion with spaces all
over the place ;-)

Regards,

-- Raju

>>>>> "David" == David J Ferrero <david.ferrero@zion.com> writes:

    David> HJohnson@1ClickCharge.com wrote:
    >>  should there then be an attribute in the slapd.oc.conf for
    >> cryptpassword?  Or do I just add it myself?
    >> 
    >> How do I enter the 'manager' password (and all user passwords)
    >> so they are encrypted?

    David> for the rootpw stored in slapd.conf, I used the following
    David> format:

    David> rootpw {crypt}

    David> Then I used htpasswd from Apache to create a cypted
    David> password: htpasswd -c newpasswordfile rootdn This creates
    David> newpasswordfile with rootdn:cryptedpasswd. I copied the
    David> cryptedpasswd to slapd.conf

    David> I believe you could use ldappasswd to create but I don't
    David> know how you could access the crypted value to put into
    David> slapd.conf:

    David> ldappasswd to create a userpassword for my rootdn such as:
    David> ldappasswd -D <rootdn> -w <cleartext-rootpw> this command
    David> should prompt you for the new rootpw...


    David> I'm currently working on a java servlet to collect user
    David> data and create ldap entries using JNDI. Works ok, but the
    David> userpasswords are stored in clear text. I would like to
    David> know how to create crypted userpasswords instead. As you
    David> ask, do I need an entry in slapd.oc.conf such as:

    David> userPassword {crypt}

    David> Any help from the experts?