[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: iPlanet Directory migration into OpenLDAP
On Tue, 2003-09-09 at 06:57, Michael Ströder wrote:
> Lloyd H. Meinholz wrote:
> > I am dumping the data from
> > Directory Server into an ldif file. I am having is with the passwords.
>
> Should be compatible.
Doesn't seem to be. I used the java gui ldapbrowser to export the ldif
from iPlanet and then to import it into openldap. I've tried
authenticating to the openldap server and it doesn't work.
>
> > I've been searching and can't seem to figure out how to get the
> > passwords converted into a form OpenLDAP can deal with.
>
> You can just re-use the values of attribute 'userPassword' in OpenLDAP.
I do have userPassword in both schema's. What's weird is that after I've
imported the iPlanet ldif into openldap, the userPassword field is of
type BINARY (46b). I have no idea what this means and I can't seem to
change it. I have the password hash set to {SSHA} in slapd.conf and
can't seem to find another setting that resembles BINARY (46b)...
>
> If passwords are hashed (e.g. {SSHA}) you are stuck with LDAP simple bind
> since most SASL mechs (e.g. DIGEST-MD5) need the passwords in clear-text.
>
> Ciao, Michael.
Thanks for the response,
Lloyd