[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: opeldap back-sql oracle with password-hash MD5 enabled

To: openldap-software@openldap.org
Subject: Re: opeldap back-sql oracle with password-hash MD5 enabled
From: Buchan Milne <bgmilne@staff.telkomsa.net>
Date: Tue, 9 Feb 2010 12:20:38 +0100
Cc: Nikethan Nagula Raja <nikethan@us-buxton.com>
In-reply-to: <236905e71002042058y73019f5cjfe9a88312f36f22f@mail.gmail.com>
References: <236905e71002042058y73019f5cjfe9a88312f36f22f@mail.gmail.com>
User-agent: KMail/1.12.2 (Linux/2.6.31.6-desktop-1mnb; KDE/4.3.2; x86_64; ; )

On Friday, 5 February 2010 05:58:01 Nikethan Nagula Raja wrote:
> All,
> 
> We are implementing openldap using oralce as backend and every thing
> is up and running fine  with out any issues.  Now we have an
> additional requirement to hash  the cleartext passwords in oracle
> database for ldap users. Now instead of storing cleartext passwords,
> I'm storing passwords in the same  database column but prefix of the
> schema in braces and MD5 hash value.
> 
> Lets say if we have a user - jsmith with password 123456
> 
> I would store the {MD5}e10adc3949ba59abbe56e057f20f883e     in  the
> database column (userPassword).

How did you come to this format?

Surely you should use the same format OpenLDAP generates (e.g. slappasswd -h 
{MD5}), e.g.:

$ /usr/sbin/slappasswd -h {MD5} -s 123456
{MD5}4QrcOUm6Wau+VuBX8g+IPg==


Regards,
Buchan

Follow-Ups:
- Re: opeldap back-sql oracle with password-hash MD5 enabled
  - From: Nikethan Nagula Raja <nikethan@us-buxton.com>

References:
- opeldap back-sql oracle with password-hash MD5 enabled
  - From: Nikethan Nagula Raja <nikethan@us-buxton.com>

Prev by Date: Re: searching for attributes without index in 2.4.19 with bdb 4.5
Next by Date: architecture and DIT change strategy
Index(es):
- Chronological
- Thread