[Date Prev][Date Next] [Chronological] [Thread] [Top]

Question about openldap admin's guide

To: openldap-software@OpenLDAP.org
Subject: Question about openldap admin's guide
From: Lara Adianto <m1r4cle_26@yahoo.com>
Date: Thu, 19 Feb 2004 04:45:01 -0800 (PST)

Hello,

In the OpenLDAP 2.2 Admin Guide, it is stated as
follows:
"To use secrets stored in the LDAP directory, place
plaintext passwords in the userPassword attribute"

Just wondering...
can we use encrypted password, like:
userPassword        {SHA}wektalskgjlaksfgjlf  ??

I've tried to use encrypted password in my directory,
but ldapsearch (I'm using Digest-MD5) will fail with
the following error although I have changed the
password-hash from cleartext to sha:
ldap_sasl_interactive_bind_s: Invalid credentials (49)
        additional info: SASL(-13): authentication
failure: client response doesn't match what we
generated

If we can only use plaintext password, then what's the
purpose of password-hash in the slapd.conf ?

Thanks to anybody who can explain the concept to me...

Newbie,
Lara 

=====
------------------------------------------------------------------------------------ 
La vie, voyez-vous, ca n'est jamais si bon ni si mauvais qu'on croit
                                                                        - Guy de Maupassant -
------------------------------------------------------------------------------------

__________________________________
Do you Yahoo!?
New Yahoo! Photos - easier uploading and sharing.
http://photos.yahoo.com/

Follow-Ups:
- RE: Question about openldap admin's guide
  - From: "Howard Chu" <hyc@highlandsun.com>

Prev by Date: Still searching the OpenLDAP webmin module ...
Next by Date: Re: modify dn while replication
Index(es):
- Chronological
- Thread