[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SSHA for rootdn issue

To: joerg@schuetter.org, openldap-software@OpenLDAP.org
Subject: Re: SSHA for rootdn issue
From: Peter Marschall <peter@adpm.de>
Date: Sun, 10 Aug 2003 16:53:49 +0200
Content-disposition: inline
In-reply-to: <20030808224218.60eec4a9.joerg@schuetter.org>
Organization: ADPM
References: <01a801c35ddd$ad465890$88c46bc7@clunet.2k> <20030808224218.60eec4a9.joerg@schuetter.org>
User-agent: KMail/1.5.1

Hi,

On Friday 08 August 2003 22:42, joerg@schuetter.org wrote:
> > I have an issue when I use slappasswd {SSHA} then I cut and pates to
> > slapd.conf. My passwd word was 'secret' and wording fine, and the normal
> > user can login fine not until I replace with SSHA passwd. If you put
> > 'secret' back, it's working again. I did cleanup database and migrate
> > the user again by using pdal.com's scripts after I use SSHA. I still can
> > do a search but cannot login. Any idea?
> >
> > dn: uid=codywang,ou=People,dc=clunet,dc=edu
> > userPassword:: e0NSWVBUfUxTLi4ydnRhTXllbGc=
>
> base64 decoded password results in: '{CRYPT}LS..2vtaMyelg', but
> crypt.crypt('secret', 'LS') (generate crypt with seed 'LS') results
> 'LSgOjE04PUmqs'. Is there a reason for using bas64 coded strings?

Although I am not the original poster, I think I can answer your last 
question.
When doing a ldapsearch, user passwords are returned base 64 encoded.
I don't know the exact reason for this behaviour but I assume it's the curly 
braces that make ldapsearch behave this way.

Peter
-- 
Peter Marschall
eMail: peter@adpm.de

Follow-Ups:
- Re: SSHA for rootdn issue
  - From: Todd Lyons <todd@mrball.net>
- Re: SSHA for rootdn issue
  - From: joerg@schuetter.org

References:
- SSHA for rootdn issue
  - From: "cody wang" <codywang@clunet.edu>
- Re: SSHA for rootdn issue
  - From: joerg@schuetter.org

Prev by Date: Re: Check for connection
Next by Date: dn: attribute type undefined
Index(es):
- Chronological
- Thread