[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Password encryption for changing passwords

To: "Kick, Claus" <claus.kick@siemens.com>
Subject: Re: Password encryption for changing passwords
From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Date: Wed, 12 Mar 2008 11:55:14 +0100
Cc: openldap-technical@openldap.org
In-reply-to: <76B33C75B0B0EC46A3BD4E9D9887038201295B69@ERLM863A.ww001.siemens.net>
References: <76B33C75B0B0EC46A3BD4E9D9887038201295B69@ERLM863A.ww001.siemens.net>

Kick, Claus writes:
> This is in slapd.conf:
> password-hash {CRYPT}
> password-crypt-salt-format      "$1$%.8s"
> 
> The passwords are changed via ldapmodify of the Net::LDAP perl module.
> The changes work, however, the new passwords are unencrypted, at least
> the infamous ldap browser tells me that.
> 
> Honestly, I have no idea where else to look. Could someone provide a
> pointer into the right direction?

Try the slapd.conf manpage:

password-hash <hash> [<hash>...]
    This option configures one or more hashes to be used in generation
    of user passwords stored in the userPassword attribute during
    processing of LDAP Password Modify Extended Operations (RFC 3062).
    (...)
    Note that this option does not alter the normal user applications
    handling of userPassword during LDAP Add, Modify, or other LDAP
    operations.

-- 
Hallvard

Follow-Ups:
- AW: Password encryption for changing passwords
  - From: "Kick, Claus" <claus.kick@siemens.com>

References:
- Password encryption for changing passwords
  - From: "Kick, Claus" <claus.kick@siemens.com>

Prev by Date: Password encryption for changing passwords
Next by Date: AW: Password encryption for changing passwords
Index(es):
- Chronological
- Thread