[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Password HASH
Hi,
On Friday 20 June 2003 11:21, philippe.broussard@e-qual.fr wrote:
> I would want an explanation of the bind method, the password hash more
> precisely.
>
> Here's my idea about that :
>
> Client sends the password in clear to the server, the server
> encrypts it with the method defined by
> The directive password hash in slapd.conf and the server
> compares the obtained hash and the hash that
> contains in the attribute UserPassword of the entry.
I am not really sure about it, but IMHO you are correct with one little
exception:
The server uses the method defined in the objects's userPassword
attribute.
AFAIK the password-hash statement in slapd.conf is for the
setPassword extended operation.
If you want to know it for sure, you have to look it up in the code.
Peter
--
Peter Marschall
eMail: peter@adpm.de