[Date Prev][Date Next] [Chronological] [Thread] [Top]

Why ldap sasl digest-md5 only works for clear password?



Rpm version: openldap 2.1.16

I want to authenticate users again ldap server with Digest-MD5 SASL mechanism. If I store user password in clear text format in userPassword attribute of ldap directory, it works fine. But if I store the password in any hashed format. e.g. MD5, SHA, it will fail with:
ldap_sasl_interactive_bind_s: Invalid credentials (49)
additional info: SASL(-13): authentication failure: client response doesn't match what we generated


Thanks,

Ming