[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: second userpassword?



Hi,
can't you expand your schema's to use a new derived person (or what ever dn
you want) with two password attributes:

attributetype ( < custom oid for userPassword > NAME 'myNewUserPassword' SUP
userPassword )

objectclass ( < custom oid for person > NAME 'myNewPerson' SUP person
STRUCTURAL
	MAY ( myNewUserPassword ) )

of course with oid using you organization oid that you get from www.iana.org

what ever you do don't use fake oid

cheers
eli

-----Original Message-----
From: Susanne Benkert [mailto:benkerts@emt.iis.fhg.de]
Sent: Thursday, March 14, 2002 10:15 AM
To: Stefan Palme
Cc: Openldap-Liste
Subject: Re: second userpassword?


Stefan Palme wrote:

> I think the userPassword attribute can have
> multiple values


Hi,

I know that userPassword is a "multiple values attribute" but that 
doesn't really help me, because I have to use different passwords for 
different services and different levels of security. If I just create a 
second userpassword always both where checked - as far as I tested it - 
and if one fits the user is authenticated.

We found out that the objectclass sambaAccount includes two more 
password-attributes (lmpassword and ntpassword) that can be used for 
Windows and Linux, so there have to be a way to create own 
password-attributes(?)

Has anybody already tried something like this? Or are there any other 
possibilities?

Thank you for every piece of information.
Susanne