Thus spake Paulo Matos: ... > > Note that the above called "Auth Process" was done with several > applicationss using pam.d files included with pam_ldap-98. > > So what happens? Why does it work with 'crypt password' and does > not work with 'md5 passwd' in scenario 1 and both work in scenario 2? > > Does anyone have a similar problem? How can an ACL on slapd.conf > cause such behavior?! It does not make any sense... > > How exactly is done the password verification?! > > Is this a problem from pam_ldap or openssl? I believe the problem you are seeing is the same I ran into a few weeks ago. The problem is that the crypt() function from OpenSSL doesn't support the MD5 extension. See my posts here for more information: http://www.openldap.org/lists/openldap-software/200103/msg00114.html Note that the solution of re-ordering libraries doesn't seem to have worked consistently; probably the best is to have users change their passwords. Wil -- W. Reilly Cooley wcooley@nakedape.cc Naked Ape Consulting http://nakedape.cc LNXS: Linux/GNU for servers, networks, and http://lnxs.org people who take care of them. *Now with integrated crypto!* irc.openprojects.net #lnxs The penalty for laughing in a courtroom is six months in jail; if it were not for this penalty, the jury would never hear the evidence. -- H. L. Mencken
Attachment:
pgpIdR42E2szT.pgp
Description: PGP signature