[Date Prev][Date Next] [Chronological] [Thread] [Top]

Issues migrating from Linux passwd file to OpenLDAP



Hello all,

Here is the issue that I am having. I have recently setup an OpenLDAP database for my local network. My goal is to use this for authentication for all clients on my network. I have been able to configure slapd.conf and the server will start up and run just fine. I have been using the migration tools to convert from the Linux style passwd file to .ldif files to import into my shiny new LDAP database. Everything goes smoothly, including the ldapadd command to import the ldif files. I am importing my users and my groups, as well as the base information for my site. Everything imports in, and i can find every user's DN using ldapsearch, but whenever I try to authenticate with any user imported from the passwd file, it fails authentication. However, if i go and change the user's password with ldappasswd then it will let me authenticate just fine for that user. I think this issue has to do with the fact that ldapadd automatically hashes the value stored in userPassword, but this seems to be causing issues with the SMD5 passwords that are stored in my shadow file. I've tried using {CLEARTEXT}, {CRYPT}, {MD5}, and {SMD5} before the value in the userPassword field, but no matter what i cannot login with the user's actual password. Is there any way to prevent ldapadd from hashing the userPassword value, since it already is encrypted? If not, what is the correct method for importing from passwd file that will not require me to change every user's password manually once imported into the LDAP directory. Below is my system setup.

Slackware Linux 12.2
OpenLDAP 2.4.21 compiled from source
passwd file encryption type: Salted MD5

If you need any more information please don't hesitate to ask. I am willing to provide any information necessary to get this going. Any help or pointers that I can get on this situation would be GREATLY appreciated.

Thanks,

Steve