[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: userPassword encryption



On 06/12/09 00:12, Alex Naranjo wrote:
Hi:
My problem is the following i need to store user password in an openldap
server but the user password can not be encrypted. I know that openldap
use hashing algothitm to store this attribute and that i can use clear
text, but i want to store user password using a reversible algorithm not
clear text.
The Active directory accounts has an option (Store Password using
Reversible Encryption) that permit this. Is there any option like this
in an openldap server?

There is nothing built-in to OpenLDAP to do this automatically.

However, you can very easily use any attribute to store this, and store an encrypted value of the password in it, using whatever front-end you use to update passwords.

Alternatively, you could write or adapt an overlay to do this automatically.

Regards,
Jonathan
--
--------------------------------------------------------------
Jonathan Clarke - jonathan@phillipoux.net
--------------------------------------------------------------
Ldap Synchronization Connector (LSC) - http://lsc-project.org
--------------------------------------------------------------