[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Passwords in OpenLDAP



On Tue, Jun 24, 2003 at 01:10:05PM -0400, Yossef Korang wrote:
> I'm looking at OpenLDAP as a way of authenticating users, and I am 
> trying to find out specifically how the passwords will work, more 
> specifically, how to have ldap get the current user's password.  I'm 
> looking through the archives, but I haven't found anything, yet, on the 
> topic.
> 
> Any help or point in the right direction would be appreciated.
> 

Dear Yossef,

Just like all of the other data, passwords are stored in the
directory.  The system queries the LDAP server via a PAM module, 
to find the data in the userPassword field, given the username, just
like it does for /etc/passwd.

A simple user entry might look like:

dn: uid=someuser,ou=People,o=MyOrg
objectclass: person
objectclass: inetOrgPerson
objectclass: posixAccount
objectclass: inetLocalMailRecipient
cn: Some User
givenname: Some
sn: User
uid: someuser
userPassword: {MD5}Zm1KdYVpW70LRLMuwt3FgA==
loginShell: /usr/bin/bash
uidnumber: 1025
gidnumber: 1000
homeDirectory: /home/someuser
mail: someuser@myorg.com
mailRoutingAddress: someuser@somehost.myorg.com


Cheers,

Brent


--
http://oss.netmojo.ca/