Howard had said in a post last year:
For better backward compatibility, olcPasswordHash is allowed in both
the olcGlobal entry and the frontendDB entry. The preferred location
for this setting is now in the frontendDB entry. When generating a
slapd.d from a slapd.conf file, only the frontendDB entry will carry
the attribute. Existing slapd.d configs with the attribute in the
global entry should continue to work but they should be manually
updated to use only the frontendDB entry.
I'm trying to set my OpenLDAP config to use MD5 as the default password
hashing algorithm (to be compatible with some
other things we use). I'm using the latest OpenLDAP install for Ubuntu
Intrepid, which is version 2.4.11.
I added the olcPasswordHash attribute, and the relevant output of my
cn=config (using ldapsearch -xLLL -b
cn=admin,cn=config -W) now looks like this:
dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
olcSizeLimit: 500
olcPasswordHash: {MD5}
But my passwords, when added/modified using ldappasswd still seem to use
something other than MD5.
Just wondering if anyone might have an idea what's causing the problem?