[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: opeldap back-sql oracle with password-hash MD5 enabled



On Friday, 5 February 2010 05:58:01 Nikethan Nagula Raja wrote:
> All,
> 
> We are implementing openldap using oralce as backend and every thing
> is up and running fine  with out any issues.  Now we have an
> additional requirement to hash  the cleartext passwords in oracle
> database for ldap users. Now instead of storing cleartext passwords,
> I'm storing passwords in the same  database column but prefix of the
> schema in braces and MD5 hash value.
> 
> Lets say if we have a user - jsmith with password 123456
> 
> I would store the {MD5}e10adc3949ba59abbe56e057f20f883e     in  the
> database column (userPassword).

How did you come to this format?

Surely you should use the same format OpenLDAP generates (e.g. slappasswd -h 
{MD5}), e.g.:

$ /usr/sbin/slappasswd -h {MD5} -s 123456
{MD5}4QrcOUm6Wau+VuBX8g+IPg==


Regards,
Buchan