[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: userPassword - if it's stored in {crypt} format, how do you make ldappasswd keep it that way when a user changes it?



have you put these lines in slapd.conf?:

password-hash {CRYPT}
password-crypt-salt-format "%.2s"

in ldap.conf I have only:
pam_password crypt

best regards,
Lise Didillon

At 13:32 20/05/03 -0400, Lawrence, Mike (White Plains) wrote:

Hi - I am having an issue now with ldappasswd.  I am using openldap with
Solaris 8 to allow users to authenticate
via ssh.  Their passwords are stored in the {crypt} format.  After playing
with ACLs, passwd and ldappasswd, I was
finally able to get ldappasswd to be able to change a user's password as
that user.  I am also using SSL/TLS with
the pam padl and nss ldap modules.

The problem now is that when I use ldappasswd and change the password, I
don't believe it is storing it in {crypt}
format after it changes it.  So once it gets changed, authentication stops
working with both the new and old
passwords.  I'm not sure what I need to change - I've tried changing the
pam_password setting in /etc/ldap.conf
to both "pam_password crypt"  and "pam_password exop" with no luck either
way.

Does anyone know how to get ldappasswd to store a newly changed password in
crypt'ed format? Thanks!
This electronic message transmission contains information from the Company that may be proprietary, confidential and/or privileged.
The information is intended only for the use of the individual(s) or entity named above. If you are not the intended recipient, be
aware that any disclosure, copying or distribution or use of the contents of this information is prohibited. If you have received
this electronic transmission in error, please notify the sender immediately by replying to the address listed in the "From:" field.