[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Password management question

To: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Subject: Re: Password management question
From: Howard Chu <hyc@symas.com>
Date: Thu, 29 May 2008 07:44:47 -0700
Cc: daniel rahmeh <daniel.rahmeh@gmail.com>, openldap-technical@openldap.org
In-reply-to: <hbf.20080529nxbr@bombur.uio.no>
References: <fda120b70805290156v3a5b37c0j929d45028345156d@mail.gmail.com> <hbf.20080529nuag@bombur.uio.no> <hbf.20080529nxbr@bombur.uio.no>
User-agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.9pre) Gecko/2008043023 SeaMonkey/2.0a1pre

Hallvard B Furuseth wrote:

Sigh.  One paragraph, one thinko/edit error...  I wrote:

As the slapd.conf manpage says, the above directives tell slapd to hash
the password (and how to do so)


No they tell it how to do so.  Default {SSHA} like it says.

if the client changes a password using
the Password Modify extended operation, but not if it uses plain
Add/Modify operations.

But see the slapo-ppolicy manpage. ppolicy_hash_cleartext.

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

References:
- Password management question
  - From: "daniel rahmeh" <daniel.rahmeh@gmail.com>
- Re: Password management question
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
- Re: Password management question
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>

Prev by Date: Re: Password management question
Next by Date: Log system
Index(es):
- Chronological
- Thread