OpenLDAP 2.0 and its crazy userPassword usage
Hello,

I have decided to move from OpenLDAP 1.2.11 to OpenLDAP 2.0.7.
2.0.7 so far, 2 hasn't exactly tickled my fancy. I have been reading
the incoherent RFCs and have numerously banged my head trying to
get OpenLDAP 2.0.x to add passwords in the traditional form:

    userPassword: {CRYPT}cryptedvalue
    userPassword: {SHA}cryptedvalue
    etc...

    attributetype ( 2.5.4.35 NAME 'userPassword'
        EQUALITY octetStringMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )

and;

    objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
        DESC 'RFC1274: simple security object'
        SUP top AUXILIARY
        MUST userPassword )

I found in slapd.conf.5, passwd-hash. However, none of the
values appeared to be crypt as I tried to do comparisons with
generating my own with crypt(); I have no clue what the heck
OpenLDAP is doing, it doesn't look like SHA/SSHA/MD5.

This is the way it's supposed to look:

    dn: uid=user1, o=My Org., c=US
    uid: user1
    objectClass: MyObject
    userPassword: {CRYPT}aefaefaefaef
    <other attributes here>

Instead, it is very determined to do this:

    dn: uid=user1, o=My Org., c=US
    uid: user1
    objectClass: MyObject
    userPassword:: e0NSWVBUfWRUL2VHNjFFcjN1R00=

I really really need to make LDAP behave. So any help
I would love to hear it.

Thanks

Jaron Omega
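
An added example, not part of the original post: in LDIF (RFC 2849) a double colon after the attribute name marks the value as base64-encoded, so the second entry above can be inspected by decoding it. The function names below are hypothetical, and the input is the entry as it appears in the post.

```python
import base64
import re

# Input copied from the second LDIF entry in the post.
SAMPLE_LDIF = """\
dn: uid=user1, o=My Org., c=US
uid: user1
objectClass: MyObject
userPassword:: e0NSWVBUfWRUL2VHNjFFcjN1R00=
"""

# "{SCHEME}" prefix followed by the hash text, e.g. {CRYPT}..., {SHA}...
SCHEME_RE = re.compile(rb"^\{([A-Za-z0-9-]+)\}(.*)$", re.S)

def parse_ldif_entry(text):
    """Return [(attribute, value_bytes)] for one LDIF entry (hypothetical helper).

    "attr: value" is taken literally, "attr:: value" is base64-decoded
    (RFC 2849); folded lines (leading space) are joined first.
    The "attr:< url" form is not handled.
    """
    lines = []
    for line in text.splitlines():
        if line.startswith(" ") and lines:
            lines[-1] += line[1:]          # continuation of previous line
        elif line and not line.startswith("#"):
            lines.append(line)
    attrs = []
    for line in lines:
        name, sep, rest = line.partition(":")
        if not sep:
            raise ValueError(f"not an LDIF attribute line: {line!r}")
        if rest.startswith(":"):           # "::" marks a base64 value
            value = base64.b64decode(rest[1:].strip(), validate=True)
        else:
            value = rest.strip().encode("utf-8")
        attrs.append((name, value))
    return attrs

def password_schemes(text):
    """Return [(scheme or None, hash_bytes)] for every userPassword value."""
    found = []
    for name, value in parse_ldif_entry(text):
        if name.lower() == "userpassword":
            m = SCHEME_RE.match(value)
            found.append((m.group(1).decode().upper(), m.group(2)) if m else (None, value))
    return found
```

Base64 in LDIF is a transport encoding only, so a hash stored this way is exactly as exposed to anyone who can read the export as one written in the plain `{CRYPT}...` form.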