[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: LDAP Accounts losing passwords
On 4/2/03 1:18 PM, "Andrew Findlay" <andrew.findlay@skills-1st.co.uk> wrote:
> On Wed, Apr 02, 2003 at 11:30:59AM -0800, jamie wrote:
>
>> This accounts password is NOT working
> ...
>> userPassword:: e2NyeXB0fXg=
>
> That translates to:
> {crypt}x
> which is certainly not valid. {crypt} format passwords are supposed to
> be hashed with the standard Unix crypt, so they should be at least 13
> characters but you have just 'x'.
>
> Is it possible that you used a passwd-to-ldap translation tool
> running on just /etc/passwd data, and not using /etc/shadow (or
> whatever shadow file your OS uses)? It is very common for the password
> field of /etc/passwd to show just 'x' where there is a shadow file in
> use.
That¹s exactly what happened. I used a script to imprt the users from the
system. When I look at the shadow file all the HS kids have look like this
tanya.dull:x:11950:0:99999:7:::
And the middle schools kids look like this
thomas.fitzpatrick:$1$32961189$7/ui9WgMM/bRCuqFjth3q0:11955::::::
I am a bit confused on how that happened to my shadow file though.
I guess my biggest concern is putting their passwords back into place. I
have a text clear text file with all the login names and passwords.
Does any one have any suggestions on maybe a mass import perl script that
would crypt the passwords and add it back into the ldap DB?
Thanks Alot, Jamie
>
>> This accounts password IS working
> ...
>> userPassword:: e2NyeXB0fSQxJDMyOTYxMjkzJFQ4ZmpIOTJJWVdPRWJFeW5XbkNxWS4=
>
> That translates to:
> {crypt}$1$32961293$T8fjH92IYWOEbEynWnCqY.
>
> which looks like an MD5-style hashed password as used by Linux and
> other newer Unices.
>
>
> Incidentally, the trick for viewing LDIF items containing '::' is to
> use a perl script like the one appended.
>
> Andrew