[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Newbie MD5 encryption question
All,
Sorry for the newbie question...
My environment:
OpenLDAP 2.0.12
Solaris 2.6
I was trying to turn on MD5 encryption, which I assumed would automatically
encrypt the 'userPassword' attribute.
Based on an email from the list, I added the following line to the ldap.conf:
pam_pasword MD5
I didn't see this in the man page for ldap.conf, so I wasn't sure it was the
right thing to do.
I then restarted slapd.
I then added an entry with the same userPassword as an existing entry
... and compared them ..
I expected to see the userPassword entry be significantly different, but it
wasn't ( see sample below )...
# 0040400, extern_accts, apps, IOPS
dn: cn=0040400,cn=extern_accts,dc=apps,dc=IOPS
objectClass: person
objectClass: uidobject
objectClass: top
userPassword:: bmV3cGFzcw==
sn: John W. Smith
cn: 0040400
uid: John W. Smith
# 0040499, extern_accts, apps, IOPS
dn: cn=0040499,cn=extern_accts,dc=apps,dc=IOPS
objectClass: person
objectClass: uidobject
objectClass: top
userPassword:: bmV3cGFzcw==
sn: Jane D. Doe
cn: 0040499
uid: Jane D. Doe
I also saw the following snippet in a message... and wondered how they got the
rootpw to be encrypted in slapd.conf.
Snippet...
Snippets from slapd.conf:
# SSL / TLS Support
TLSCertificateFile /usr/local/etc/openldap/server.pem
TLSCertificateKeyFile /usr/local/etc/openldap/server.pem
TLSCACertificateFile /usr/local/etc/openldap/server.pem
database ldbm
suffix "o=forcefield"
rootdn "cn=root,o=forcefield"
rootpw {MD5}eySvyLyA5UjWbE5/9yFxxQ==
directory /var/ldap
# cachesize 10000
dbcachesize 2000000
If there are some resources I'm missing, or a good book I should get, please let
me know.
Thanks for the help,
Louise Mitchell