Re: MD5 password issue

[Quanah Gibson-Mount <quanah@stanford.edu>]

--On Wednesday, July 27, 2005 11:23 AM -0400 Alejandro Acosta 
<alejandro.acosta@comsat.com.ve> wrote:

> The strange thing is that slapcat brings something like:
>
> -- cut here --
> cn: md5user
> description: MD5USER
> userPassword:: e01ENX1jODFlNzI4ZDlkNGMyZjYzNmYwNjdmODljYzE0ODYyYw==
> structuralObjectClass: organizationalRole
> -- cut here --
>
> Notice that the userPassword is pretty different..,  ldap hashed in
> someway  the original password given in the ldif file.

No.  It Mime-Base 64 encoded the attribute value when it was written into 
the LDAP server, which is a standard thing to do in all LDAP servers for 
particular data sets.

If you decode the value, you get:

./mime-decode e01ENX1jODFlNzI4ZDlkNGMyZjYzNmYwNjdmODljYzE0ODYyYw==
{MD5}c81e728d9d4c2f636f067f89cc14862c

which looks to me like what you put in:

userPassword: {MD5}c81e728d9d4c2f636f067f89cc14862c


--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

"These censorship operations against schools and libraries are stronger
than ever in the present religio-political climate. They often focus on
fantasy and sf books, which foster that deadly enemy to bigotry and blind
faith, the imagination." -- Ursula K. Le Guin