[Date Prev][Date Next] [Chronological] [Thread] [Top]

crypt userPassword

To: openldap-software@OpenLDAP.org
Subject: crypt userPassword
From: Lise Didillon <ldidillon@prologue-software.fr>
Date: Mon, 05 Nov 2001 14:37:01 +0100

I'm a french user so excuse me for my bad english. I release openldap from 1.2.9 version to 2.0.15 version on a Mandrake linux system 7.02. I want to add a new user in my directory (ldapadd ... -f toto.ldif) using the crypt function with two characters for the salt, but the added userpassword in the directory doesn't seem to be in the format defined in RFC 2307 (here, userPassword: {crypt}LaO1VKZKzWpwk

the ldif file tata.ldif contains:
__________________________________
dn: uid=tata,ou=People,ou=confAdmin
uid: tata
cn: Lise DIDILLON
objectClass: account
objectClass: posixAccount
objectClass: top
userPassword: {crypt}LaO1VKZKzWpwk
loginShell: /bin/bash
uidNumber: 501
gidNumber: 100
homeDirectory: /home/users/tata
________________________________

but when I run the following command: /usr/local/bin/ldapsearch -b 'ou=confAdmin' -s sub -D "cn=admin,ou=confAdmin" -w admin '(uid=tata)'

I obtain the following result:
_______________________________________________________
version: 2

#
# filter: (uid=tata)
# requesting: ALL
#

# tata, People, confAdmin
dn: uid=tata,ou=People,ou=confAdmin
uid: tata
cn: Lise DIDILLON
objectClass: account
objectClass: posixAccount
objectClass: top
userPassword:: e2NyeXB0fUxhTzFWS1pLeldwd2s=
loginShell: /bin/bash
uidNumber: 501
gidNumber: 100
homeDirectory: /home/users/tata

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
_______________________________________________________

why do I obtain userPassword: e2NyeXB0fUxhTzFWS1pLeldwd2s= instead of the one noted in the ldif file: userPassword: {crypt}LaO1VKZKzWpwk

the slapd.conf has the following two lines:
password-hash {CRYPT}
password-crypt-salt-format "%.2s"

and I use the following onfigure option: ./configure --with-ldbm-api=gdbm --enable-shared=yes --enable-dynamic --enable-static=yes --host=i586-mandrake-linux-gnu --with-tls=no --enable-crypt --without-cyrus-sasl

thank you for your help

Lise Didillon   - Ligne produit Linux -
Prologue Software
12 Av. des Tropiques -ZA de Courtaboeuf
BP 73 -91943 Les Ulis Cedex     -FRANCE-
Tel : 01 69 29 39 39	Fax : 01 69 28 89 55
mailto:ldidillon@prologue-software.fr
http://www.prologue-software.fr (ou .com)

Follow-Ups:
- Re: crypt userPassword
  - From: Andreas Hasenack <andreas@conectiva.com.br>

Prev by Date: How to use Sybase as Backend to Openldap ?
Next by Date: How to express an access controle clause
Index(es):
- Chronological
- Thread