[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Double colon in LDIF



Owen DeLong wrote:
I don't know about NS Dir., but, in OpenLDAP, those represent values
that are already server-encrypted.  It's how the server differentiates
between:

userPassword: mypasswordintheclear
userPassword: {md5}anmd5hash
userPassword:: base64alreadyserverencryptedpassword

Huh? That last userPassword value does not signify that it is encrypted. It only signifies that it contains a character which RFC2849 says must be base64-encoded. When you decode it, it may or may not be a password hash, depending on your server configuration when you loaded that value.


--
mike