[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: passwd transformation ##!



What you are seeing in the result returned by ldapsearch *is* the crypted password *but* it has been base64 encoded, If you base64 decode that string you should be left with the same enty as you entered into the ldapdb.

You could also try using an ldapbrowser like gq (if you use linux) which will disply the password without the base64 encoding.

Hope this helps

Huw

briner wrote:

hi,

I get the following problem:
To be able to log in as a user, the system is going to ask the shadow
informations.

I've finally found that when I add an user entry to the ldapserver, the
ldapserver transform the passwd!

So when the system compare the encrypted password, it see them as
different and don't ly user to log in...

here is my example:

ldapadd -x -h obslin9 -D 'cn=manager,dc=test,dc=com' -w foo

dn: uid=pipo,ou=People,dc=test,dc=com
uid: pipo
cn: pipo Cedric
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
objectClass: top
userPassword: {crypt}pGcHrwn5BOqR6             <------ here
loginShell: /bin/tcsh
uidNumber: 4799
gidNumber: 4700
homeDirectory: /home/system/pipo
gecos: pipo Cedric

adding new entry "uid=pipo,ou=People,dc=obs,dc=unige,dc=ch"

$ ldapsearch -x -L uid=pipo
dn: uid=pipo,ou=People,dc=obs,dc=unige,dc=ch
uid: pipo
cn: pipo Cedric
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
objectClass: top
userPassword:: e2NyeXB0fXBHY0hyd241Qk9xUjY=     <------ here
loginShell: /bin/tcsh
uidNumber: 4799
gidNumber: 4700
homeDirectory: /home/system/pipo
gecos: pipo Cedric

So How can I ask the slapd to not convert the shadow information ??

thanks in advance

briner 2002-10-24