[Date Prev][Date Next] [Chronological] [Thread] [Top]

回复: Password Encryption



hi:
    you can set the encrypting userPassword attr. action on just by write
the following directive in the slapd.conf file:
    password-hash        {SHA}
    you can refer the slapd.conf manual pages to see the detail .from your
letter, I think you maybe write something error, because I do this work
successfully, if till can not work well, I suggest you just try another
encrypting mothod like {md5} to test this function .

                          lucky :P)  by China, X.D.Chen

-----Original Message-----
发件人: Cornwall, George <GCornwall@citistreetonline.com>
收件人: 'openldap-software@OpenLDAP.org' <openldap-software@OpenLDAP.org>
日期: 2001年5月10日 3:01
主题: Password Encryption


>We are testing porting our Netscape LDAP functionality over to OpenLDAP. We
>are currently having multiple issues with the encryption of the password
>attribute.
>1) The default password-hash for Netscape is SHA and for OpenLDAP it is
>SSHA. Is there anyway to use the same hash in OpenLDAP? When we try setting
>it in the slapd.conf file (password-hash SHA) we get an error message
>when starting slapd:
>"unknown directive in ldbm database definition (ignored)".
>If this is not doable, we realize we can reset all the passwords (however
we
>are talking about changing approximately 400,000 passwords).
>2) Currently OpenLDAP is not encrypting new or modified passwords, but
>instead leaving them as clear text. What do we need to modify to turn
>encryption on?
>
>Any help is greatly appreciated.
>
>Ged Cornwall
>Senior Architect, Web Solutions
>gcornwall@citistreetonline.com
>904.791.2195
>
>
>
>