[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Inappropriate authentication using {md5} or {sha} ...
I'm trying to set the "rootpw" value in my slapd.conf file using MD5,
or SHA. If I use {crypt} or plaintext I don't have a problem. Can you
tell what I'm doing wrong or what I'm missing?
After I enter the password "Secret4" to the command:
ldapadd -v -h develop.medrepublic.com -D "cn=Manager, dc=MedRepublic, dc=com" -W <<- !!
dn: dc=MedRepublic, dc=com
dc: medrepublic.com
o: MedReublic Organization
objectclass: organization
dn: cn=Manager, dc=MedRepublic, dc=com
cn: Manager
sn: Manager
objectclass: person
!!
I get the message:
Enter LDAP Password: Secret4
ldap_bind: Inappropriate authentication
Here is my "slapd.conf" file:
#---------------------------------------------------------
include /usr/local/etc/openldap/slapd.at.conf
include /usr/local/etc/openldap/slapd.oc.conf
schemacheck off
#referral ldap://root.openldap.org/
pidfile /usr/local/var/slapd.pid
argsfile /usr/local/var/slapd.args
#######################################################################
# ldbm database definitions
#######################################################################
database ldbm
suffix "dc=medrepublic, dc=com"
rootdn "cn=Manager, dc=medrepublic, dc=com"
#rootpw Secret4
rootpw {md5}JDEkTmUkaFRPOVRSMnYwYml6aE5uZjBPQlRqLw==
#rootpw {CRYPT}OMIpblf7N.TuI
#rootpw {SHA}/UL4x0SR0Xq5L9mlddZnSm3pmG1iVw==
directory /home/medrepublic/develop/data/ldap
#---------------------------------------------------------
Here is how I derived the "md5" and the "sha" passwords:
#---------------------------------------------------------
#!/usr/bin/perl
use Crypt::PasswdMD5;
use String::Random;
use MIME::Base64;
use SHA;
if ( $#ARGV != 0 ) {
print STDERR "cryptword: Usage:\n";
print STDERR " cryptword {word}\n";
exit(1);
}
$randomfoo = new String::Random;
$salt = $randomfoo->randpattern("ss");
$password = $ARGV[0]; shift;
print "The DES encrypted password for $password is: {crypt}";
print crypt($password,$salt), "\n";
$cryptedpassword = unix_md5_crypt($password, $salt);
print "The MD5 encrypted password for $password is: {md5}";
$encoded = encode_base64($cryptedpassword);
#print "${cryptedpassword} ${encoded}\n";
print "${encoded}";
$sha = new SHA;
$newsalt = pack ("H*", $salt);
$hash = $sha->hash ($password . $newsalt);
#printf ("%s ", unpack ("H*", $hash));
print "The SHA encrypted password for $password is: {sha}";
print encode_base64 ($hash . $salt, "");
exit(0);
#---------------------------------------------------------
Example execution of "cryptword":
# cryptword Secret4
The DES encrypted password for Secret4 is: {crypt}n3vmujR3T5fcU
The MD5 encrypted password for Secret4 is: {md5}JDEkbjMkTVZsWG5jcHFScUovMmxidzdwSDNYLg==
The SHA encrypted password for Secret4 is: {sha}VlNqRC/0HJCfiftkKwoTE8yMTMVuMw==
Your assistance is appreciated.
--
Frank Koenen
Director of Technical Services
Monet Technologies Inc.
Email: fkoenen@vonworld.com Voice: 1-312-372-7500 x204 Fax: 1-312-372-6020
Visit us on the web: WWW.VIRTUALMONET.COM