[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapsearch -w "password" only check first 8 words ?



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 06/09/10 03:50, shyuejyh.tw wrote:
> Hi Everyone:
> i have a question , how can i change ldapsearch command to check password more than 8 words?
>
> my openldap is 2.4.11 (Debian/Lenny)
>
> when i use freeradius 2.0.4 to authentication a account,
> my password is  12345678 , than i type 123456789 ,  Pass .....
>
> this is radius's log:
> rlm_ldap: login attempt by "amo" with password "123456789"
> rlm_ldap: user DN: uid=amo,dc=hello,dc=com
> rlm_ldap: (re)connect to 127.0.0.1:389, authentication 1
> rlm_ldap: bind as uid=amo,dc=hello,dc=com/123456789
> rlm_ldap: waiting for bind result ...
> rlm_ldap: Bind was successful
> rlm_ldap: user amo authenticated succesfully
> ++[ldap] returns ok
>
>
> than i try use  ldapsearch search a user (still use password 123456789)
>
> ldapsearch  -x -b "dc=hello,dc=com" -D "uid=amo,dc=hello,dc=com" -W -h localhost -LLL uid=jojo
> Enter LDAP Password:
> pass than find user information.
>
> dn: uid=jojo,dc=hello,dc=com
> shadowLastChange: 123123
> loginShell: /bin/csh
> gidNumber: 102
> homeDirectory: /home/jojo
> uidNumber: 1002
>
> i guess ldapsearch command just check first 8 words, is this a bug or change something can fix it ?
>
> thanks a lot
>
>
>

hello,

isn't it because you're using CRYPT for password hash?

Regards,
Zdenek

- -- 
Zdenek Styblik
Net/Linux admin
OS TurnovFree.net
email: stybla@turnovfree.net
jabber: stybla@jabber.turnovfree.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkwPITEACgkQ8MreUbSH7im5GQCgqsXKP00+DbvGTLN8wXrozFNS
2D8Anj5GWoyIjz/CjxyI6Q13hs+pSesF
=YmdQ
-----END PGP SIGNATURE-----