[Date Prev][Date Next] [Chronological] [Thread] [Top]

migrating already crypted passwords to ldif

To: ldap list <openldap-software@OpenLDAP.org>
Subject: migrating already crypted passwords to ldif
From: "Brian K. Jones" <jonesy@CS.Princeton.EDU>
Date: 27 Jan 2003 15:43:07 -0500
Organization: Princeton University, Dept. of Computer Science

Hi,

I'm unclear on how to handle this.  I have OpenLDAP 2.1.18 (built from
source) running on Redhat 7.3.  I also have the latest nss_ldap,
pam_ldap and padl migration tools.

I'm trying to migrate users from using NIS to using LDAP without forcing
them to change their passwords.  However, I haven't seen any clear
documentation discussing how to enter passwords that are *already*
crypted into my directory.  If I put something like

userPassword: {crypt}mYh45h3dPa55w0rD

Then the result is, of course, a crypted version of the above.  One
additional note is that the above ldif entry, when viewed via
ldapsearch, puts *two* colons after 'userPassword'. The end result looks
something like this:

userPassword:: e2Nye9Bf0RW1mN6sks03Sk

Notice that {crypt} is now gone, there are two colons, and this is a
crypted version of the already crypted string above.  

Eventually, this directory *will* be used for authentication, so if
anyone can tell me how to get LDAP to read the incoming NIS passwords
the same way that NIS did, I would be incredibly grateful.  

Pointers for RTFM welcome.  However, I think I've already read them
all.  
:-(

brian

Follow-Ups:
- Re: migrating already crypted passwords to ldif
  - From: Nalin Dahyabhai <nalin@redhat.com>

Prev by Date: RE: Aix how can log
Next by Date: Missing errors with async functions
Index(es):
- Chronological
- Thread