RE: passwords in ldap

[Guus.Leeuw@t-online.de (Dipl.-Inf. Guus Leeuw jr.)]

>  -----Original Message-----
>  From: owner-openldap-software@OpenLDAP.org
>  [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Listac
>  Sent: Wednesday, July 04, 2001 6:30 PM
>
>  I am not sure wether I talk bullshit or wether your password
>  is just an
>  example, but as far as I know {crypt} is not MD-5. For MD5
>  use {MD5}, though
>  I don´t know wether this referres to cram or digest.
>
>  At least, this would explain you invalid credentials, since
>  "crypting" the
>  string produces a different output than MD-5ing it. If you
>  want to be sure,
>  use slappasswd. It produces a "copy-an-paste" password.

I don't know myself either, but since he's able to login to his
system via pam_ldap, I would suppose that what posted is correct.

Correct if I'm wrong, though.

Cheers,
Guus

>
>  ----- Original Message -----
>  From: "Marcin Radecki" <marcinr@student.uci.agh.edu.pl>
>  To: <openldap-software@OpenLDAP.org>
>  Sent: Wednesday, July 04, 2001 2:46 PM
>  Subject: passwords in ldap
>
>
>  >
>  > Hi,
>  >
>  > My operating system is rh 6.2 with openldap-2.0.11.
>  > I've installed pam_ldap and nss_ldap modules.
>  >
>  > I have userPassword in LDAP {MD5} encoded like this:
>  >
>  > {crypt}$1$hTSiVQg/$EFqBihLO48dJxeN2aVdNb/
>  >
>  > and I can login successfully to system via pam_ldap module.
>  > But it doesn't work when I'm trying BIND to LDAP database
>  > as that (eg. myuser) user.
>  >
>  > ldapsearch -b "dc=com,dc=pl" -x -w password -D
>  "uid=myuser,dc=com,dc=pl"
>  >
>  > responds with: ldap_bind: Invalid credentials
>  >
>  > Once password works, but in other case doesn't.
>  > Can anyone help me with this mystery?
>  >
>  > Marcin
>  >
>  >
>  >
>