[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Valid configure options for 2.4.20

To: "J. Landamore" <jal@mcs.le.ac.uk>
Subject: Re: Valid configure options for 2.4.20
From: Zdenek Styblik <stybla@turnovfree.net>
Date: Mon, 14 Dec 2009 23:32:27 +0100
Cc: openldap-technical@openldap.org
In-reply-to: <20091214145717.GG10248@mcs.le.ac.uk>
Openpgp: url=http://stinkfoot.org:11371/pks/lookup?op=index&search=Styblik
Organization: OS TurnovFree.net
References: <20091214145717.GG10248@mcs.le.ac.uk>
User-agent: Thunderbird 2.0.0.23 (X11/20090820)

J. Landamore wrote:
> I'm trying to build 2.4.20 so that it stores the userPassword attribute
> crypt'ed rather than in clear text - yes I know it violates the RFC.

Evening,

I don't know what the problem with dbd might be, but-

btw I've tried to compile and install OpenLDAP 2.4.20 with your
parameters and it worked. But I can't [= I don't have time] to test it
further [more info needed?]

> 
> I tried
> 
> ./configure --enable-crypt --disable-cleartext
> 

most probably yes.

> This compiled fine but failed test002-populate for bdb
> 
> Is this a valid configuration and will it achieve what I want?
> 

I think you still have to specify the prefix {CRYPT}

> Is it possible to store the userPassword attribute crypt'ed?
> 

Yes, it is. We've used it couple months back until we've switched to
{SSHA} :)
I must note, because I'm sure otherwise anybody else will do it, that
CRYPT is weak and shouldn't be used. But I'm sure you know this.

> Thanks
> 
> John
> 

Regards,
Zdenek

-- 
Zdenek Styblik
Net/Linux admin
OS TurnovFree.net
email: stybla@turnovfree.net
jabber: stybla@jabber.turnovfree.net

References:
- Valid configure options for 2.4.20
  - From: "J. Landamore" <jal@mcs.le.ac.uk>

Prev by Date: Re: Valid configure options for 2.4.20
Next by Date: changing userPassword from custom application
Index(es):
- Chronological
- Thread