[Date Prev][Date Next] [Chronological] [Thread] [Top]

Login Failure



Well I've come to a point where I was set to try some real time test...

I used a test user that I keep on the local machine.  Who was migrated
successfully to the ldap server.

I remove the testuser entries from the local machines files, and then I
tried to login. Failure, Failure, Failure.

I did notice the encypted password in the testuser file is not what I
would expect it to be.  The migrate script sent
{crypt}gYGSGYsyduiedhia== however, the userPassword is showning
something entirely diferrent.  So here is the question:

When one modifies a userPassword as follows:

#>slapd -h {md5}
#>password: ***********
#{md5}ggGUYGiu_8==


testuser.ldif
-------------------
dn: uid=testuser,ou=People,dc=example,dc=com
changetype: modify
replace: userPassword
userPassword: {md5}ggGUYGiu_8==

ldapmodify -H ldap://localhost -D "cn=root,dc=example,dc=com" -x -W -f
testuser.ldif

What is ldap doing with the userPassword to change it.  Should I not be
crypting the password entry?  Should I just put the bare text
{MD5}password as the entry.  The import came from a /etc/shadow file.

I can see the nscd log where it going out for the passwd to ldap server,
however, I don't see anything on the ldap server that it trying to do
anything.