[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: openldap server migration issue
- To: Naveen.X1.Sarabu@chase.com
- Subject: Re: openldap server migration issue
- From: Pierangelo Masarati <ando@sys-net.it>
- Date: Sun, 31 Aug 2008 23:33:45 +0200
- Cc: OpenLDAP-Software@openldap.org
- In-reply-to: <2A36599999FAB241B11F78BB5537BBCFCC2556@selgntb880.jpmchase.net>
- References: <2A36599999FAB241B11F78BB5537BBCFCC2556@selgntb880.jpmchase.net>
- User-agent: Thunderbird 2.0.0.16 (X11/20080724)
Please keep replies on the list.
Naveen.X1.Sarabu@chase.com wrote:
Hi,
On the current running prod server i have the same settings(acls).
users line is commented but "by * read " should allow users to read
the information.
What I'm trying to tell you is that ACL parsing never gets to that "by *
read" because it comes __after__ a commented out line. As such, that
"by * read" is either a continuation of the comment or garbage. The
fact that on the "current running prod server you have the same
settings" is irrelevant.
i am suspecting it some thing to do with password scheme. in ldap all
passwprds are in {CRYPT}. I dont know in OS level what scheme it is
using and how to check?
No, passwords are in whatever hash you created them (default {SSHA}),
and {CRYPT} is the worst choice you could make.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Fax: +39 0382 476497
Email: ando@sys-net.it
-----------------------------------