[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Newbie question: setting userPassword field
At 11:26 AM 2/7/00 -0800, John Kristian wrote:
>> I wish for [the UserPassword] field to be stored and retrieved in an
>> encrypted format.
>
>You mean hashed, with {crypt} or {SHA} (for example), I assume.
>
>> ... can I send the server an unencrypted password, then automatically have it
>> encrypt it for storage?
>
>Netscape Directory Server will do this. OpenLDAP would not, last time
>I checked. But perhaps this feature has been added recently. Anyone?
No. OpenLDAP 1.x recognized hashed values but will not generate them.
We have no plans to add any new features to OpenLDAP 1.2.
For OpenLDAP 2.0, for compatibility with RFC 2256, we are introducing
new mechanisms for storing and changing user passwords. See:
http://search.ietf.org/internet-drafts/draft-zeilenga-ldap-authpasswd-00.txt
http://search.ietf.org/internet-drafts/draft-zeilenga-ldap-passwd-exop-00.txt
Please direct comments regarding these drafts as indicated in the drafts.
Kurt