[Date Prev][Date Next] [Chronological] [Thread] [Top]

How do I handle passwords for RedHat when stored in LDAP?



Much thanks to people on this list I have got a woriking OpenLdap server

up and running! Thanks all of you that helped!!

My goal is to use LDAP and nss_ldap to handle users and logins.

Now I try to use the  perl migration tools that came with opoenldap to
import various
files in my  /etc into the ldap server.

I have a shadow password setup with md5 passwords. The perl script seams

to generate LDIF code where the passwords are  inserted as userPassword
{crypt }theactualpassword.

Does the {crypt} mean that "theactualpassword" will be encrypted using
crypt before it is stored in the server?
Or is the "{crypt}"  thing just a marker saying here comes a string
encrypted
using crypt.

If I compare the password values that i get from a ldapsearch and
the values in the original /etc/shadow file the values differ. Should
it look like that?

Should I change the migration perlscript to look somthing like
userPassword {md5}theactualpassowrd
instead? (As the passwords in /etc/shadow that I try to store already
are md5 passwords)

Regards
Uno Engborg