O.K.,
I understand, but the problem is that I have to store the password on the
server side and I don't want to do it in
clear text. I'm developing a Webinterface so that users can edit some of
their attributes themselfes.
The problem is that PHP does not support persistent LDAP connections so I
have to bind to the server again each time the page is reloaded.
So that's what I`m trying to do:
First I do an anonymous bind and check if the entered uid does exist in the
directory. If the uid does exist I try to bind to the server with the entered
uid and userpassword. Then I lookup the crypted userpassword in the
directory and store it on the server side and after the page has been
reloaded I bind to the server with the stored uid and userpassword again.
Maybe this is not a very elegant method, but don't know a better way.
----- Original Message -----
Sent: Monday, May 27, 2002 5:13 PM
Subject: AW: bind to LDAP Server using
crypted password
That
means if you give for example "secret" as password and crypt them you become a
output like that -w {CRYPT}1IJV5XjJ2f3Kk
.
The problem that
when you make a search I think is that the cleartext password is normally
taken and crypted .
What i mean is the
server compare crypted password with cryptes password on the Server
.
if
cryptedPassword == cryptedPassword then it is OK .
but your
Problem is that you crypt your crypted Password I think . But I'am not
sure .
Why did you not
use cleartextpassword and a SSL Connection your data is secured over the
Network :)
Regards
Ferruh
Hello,
is there anybody out there who has a idea how
to bind to an LDAP Server with a crypted password.
I've tried to bind to OpenLDAP Server 2.0.21
with the following command
ldapsearch -x -w {CRYPT}1IJV5XjJ2f3Kk
-b"o=myorg, c=de" -D"cn=Directory Manager, o=myorg, c=de"
"(ou=*)"
but I always get a "invalid credentials" error
message.
Thanks in advance.
David
Gey