[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Password HASH

To: <philippe.broussard@e-qual.fr>, <openldap-software@OpenLDAP.org>
Subject: Re: Password HASH
From: Peter Marschall <peter@adpm.de>
Date: Sat, 21 Jun 2003 11:55:29 +0200
Content-disposition: inline
In-reply-to: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAoTMCUkUVIU+EN1lpRTz5FcKAAAAQAAAAnpXGohSmTEOoiKEJ3OSJsQEAAAAA@e-qual.fr>
Organization: ADPM
References: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAoTMCUkUVIU+EN1lpRTz5FcKAAAAQAAAAnpXGohSmTEOoiKEJ3OSJsQEAAAAA@e-qual.fr>
User-agent: KMail/1.5.1

Hi,

On Friday 20 June 2003 11:21, philippe.broussard@e-qual.fr wrote:
> I would want an explanation of the bind method, the password hash more
> precisely.
>
> Here's my idea about that :
>
> 	Client sends the password in clear to the server, the server
> encrypts it with the method defined by
> 	The directive password hash in slapd.conf and the server
> compares the obtained hash and the hash that
> 	contains in the attribute UserPassword of the entry.

I am not really sure about it, but IMHO you are correct with one little 
exception:
The server uses the method defined in the objects's userPassword
attribute.
AFAIK the password-hash statement in slapd.conf  is for the 
setPassword extended operation.

If you want to know it for sure, you have to look it up in the code.

Peter
-- 
Peter Marschall
eMail: peter@adpm.de

References:
- Password HASH
  - From: <philippe.broussard@e-qual.fr>

Prev by Date: Re: problem with replication when adding a new entry
Next by Date: Re: Obtaining the schema
Index(es):
- Chronological
- Thread