Re: MigrationTools-40 and encrypted passwords

[charlie derr <cderr@simons-rock.edu>]

Thank you so much Andreas!!! This is exactly it, I now have it working thanks to your help.  I can't
help but wonder why this patch (the date of the message is from over a year ago) isn't in the stable
tree.  It'd be nice not to have others continue to trip over the same thing.

	~c


Andreas Hasenack wrote:
> 
> Em Wed, Apr 17, 2002 at 11:34:47AM -0400, charlie derr escreveu:
> > I am working on getting nss and pam ldap working, and am making good progress.  One problem seems to
> > be when i use these MigrationTools (a collection of perl scripts) to try to move the users from a
> > machine into the directory, the userPassword entries get stuck in as {crypt}, but somehow that isn't
> > usable (i can't successfully bind to the server using the password that was set).  Does anyone know
> 
> It's ok to be {crypt} with an md5 hash, glibc (linux) will understand it.
> A problem I had was that the md5 algorithm used by the client (in /etc/shadow, f.ex.) and
> the one used by the ldap server were different due to linking problems.
> 
> Wil Cooley explains this in this mailling list post:
> 
> http://www.openldap.org/lists/openldap-software/200103/msg00125.html
> 
> Perhaps that's the problem you are having. I applied that patch and hashes from /etc/shadow
> in userPassword in the ldap server started working again.