[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: LDAP with PAM.D mixes {CRYPT} and {MD5}

To: "'me@ame.de'" <me@ame.de>, openldap-software@OpenLDAP.org
Subject: RE: LDAP with PAM.D mixes {CRYPT} and {MD5}
From: Jeff Costlow <j.costlow@f5.com>
Date: Mon, 27 Jan 2003 09:40:50 -0800

CRYPT and MD5 passwords are completely different.  CRYPT is what is stored in /etc/password.  MD5 is just an MD5 hash of the password.
I think you really want CRYPT passwords, not MD5.

http://www.openldap.org/faq/data/cache/419.html

-----Original Message-----
From: Matthias Eichler [mailto:mylists@ame.de]
Sent: Monday, January 27, 2003 6:43 AM
To: openldap-software@OpenLDAP.org; pamldap@padl.com
Subject: LDAP with PAM.D mixes {CRYPT} and {MD5}

Hi Folx,

we have some LDAP server with pam_ldap and MD5 passwords
running, but it seems that wheter LDAP or PAM.D mixes
MD5 with CRYPT:

A user has a userPassword set to: {MD5}$1$STRINGBLABLA

When I do a passwd over pam.d as this user now, passwd
stores the new password as a {MD5}-String into the LDAP
directory, but declares this as {CRYPT}.
Looks like this:

---
userPassword: {crypt}$1$bEHlpx.2$L9WYWbmhStUV9iLQ1tg6m.
---

It does not makes sense at all, but it definetely stores
a MD5-String and declares this as crypt...

Does anybody knows how this can happen and how do we
get rid of this bug?!?
- Yes, we have MD5 set in the slapd.conf
- Yes, we have MD5 set in the pam_ldap.conf
- Yes, we have MD5 set in the /etc/pam.d/* files

Thank you for your help.

Matthias

-- 
Matthias Eichler <mylists@ame.de>
AME Aigner Media & Entertainment

Follow-Ups:
- RE: LDAP with PAM.D mixes {CRYPT} and {MD5}
  - From: Matthias Eichler <mylists@ame.de>

Prev by Date: Re: Problem with userCertificate;binary
Next by Date: Re: Problem with userCertificate;binary
Index(es):
- Chronological
- Thread