[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: ugh. Can't get OpenLDAP to auth users - only Manager.
On Wed, 2003-01-22 at 12:50, Darren Gamble wrote:
> Good day,
Hi, thanks for the reply :-)
> You're doing everything right, but, you just didn't crypt your password
> properly.
Hm. The password was grabbed from the yp map by the PADL migration
tool. Now I'll have to figure out what LDAP wants - which I don't
remember coming across - but I'll review what I have again. If anyone
knows a hack for the PADL tools to get this to happen please let me
know.
> The message that the LDAP server is returning is simply telling
> you that your username and password combination isn't right.
>
> The userPassword value you put in is "{crypt}ONE", that is, a password that
> crypts to the crypted string "ONE", which won't work at all. Note that I
> got this from base64-decoding the value.
Now I'm kinda lost on this part, because the hash above is only a
partial hash. The original hash came from a nis map and is 28
characters long. Maybe I'm misunderstanding what you've said.
>
> You can store the password as plain text for testing (i.e. just "ONE" and
> not "{crypt}ONE"), but for further use you probably want to get some more
> information about how to properly make hashed passwords.
Yes, I definitely want more information on how to properly store the
passwords. I'm somewhat worried now, though. Does this mean I can't
migrate passwords from NIS to LDAP? If I can, does anyone know how? I
used the PADL tools because it seemed like the 'right thing to do at the
time', but I'm discovering several inadequacies in their NIS migration
tool.
Thanks a million.
>
> HTH,
>
> ============================
> Darren Gamble
> Planner, Regional Services
> Shaw Cablesystems GP
> 630 - 3rd Avenue SW
> Calgary, Alberta, Canada
> T2P 4L4
> (403) 781-4948
--
Brian K. Jones
System Administrator
Dept. of Computer Science, Princeton University
jonesy@cs.princeton.edu
http://www.linuxlaboratory.org
http://phat.sourceforge.net
Voice: (609) 258-6080