[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Question about 'userpassword' value

To: Dieter Kluenter <dieter@dkluenter.de>
Subject: Re: Question about 'userpassword' value
From: Michael Ströder <michael@stroeder.com>
Date: Fri, 05 Nov 2004 12:31:47 +0100
Cc: openldap-software@OpenLDAP.org
In-reply-to: <m31xf8mz7v.fsf@marin.l4b.de>
References: <20041102152816.A18B.ZHANG@fjh.fujitsu.com> <56105.131.175.154.56.1099385393.squirrel@131.175.154.56> <20041105172151.BC96.ZHANG@fjh.fujitsu.com> <m31xf8mz7v.fsf@marin.l4b.de>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040913

Dieter Kluenter wrote:
> ZhangPu <zhang@fjh.fujitsu.com> writes:
>
>>Question 1:
>>
>>>If userpassword value is stored with base64 code in database,
>>>is this base64 value fixed?
>
> The value of the attribute userpassword is not stored base64 encoded,
> but only the input/output value is displayed base64 encoded, see RFC
> 2849.

This is not entirely correct. Salt and hash are indeed base64-encoded and the hashing scheme is prefix.

But yes, userPassword attribute is completely base64-encoded in LDIF output of ldapsearch.

See various articles under

http://www.openldap.org/faq/data/cache/419.html

Ciao, Michael.

References:
- Re: Question about "userpassword" value
  - From: ZhangPu <zhang@fjh.fujitsu.com>
- Re: Question about 'userpassword' value
  - From: ZhangPu <zhang@fjh.fujitsu.com>
- Re: Question about 'userpassword' value
  - From: Dieter Kluenter <dieter@dkluenter.de>

Prev by Date: Re: Ldap database slow to communicate
Next by Date: Re: proxycache with error 'no objectClass attribute'
Index(es):
- Chronological
- Thread