[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Migrating server results in user password issues
- To: openldap-technical@openldap.org
- Subject: Migrating server results in user password issues
- From: greep elem <g33plm@gmail.com>
- Date: Sat, 27 Aug 2011 18:29:49 +0100
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; bh=Gc9v5xt9XX4doRjA3hGmkjC9ROyPcQWBMR5M/0hPf9Y=; b=MYQ/AJx/lBeipAKXCIkW7g/n0oIbuz90J96I4rPwu2pv/PeWBySPwM1lIZ9pM1hHQm lM6aapWp/iumyLnYT0HL4RzfyolQLB9rlaylQMwuNu7g4qExxaIfYEjmjNy+HVqqa0mv mgUp40odsVzZDdfudhsgmcQhUZmiCsQEQTA+Y=
Hi all,
Hopefully someone can point me in the right direction as I appear to be going around in circles at this stage.
I am attempting to migrate from one server running OpenLDAP 2.4.9 configured with old style slapd.conf to a new server running openldap 2.4.23 with the dynamic cn=config setup.
I've successfully exported / imported via slapcat and slapadd and using phpLDAPadmin I can browse all my users. The issue I run into is the use passwords do not work when I try to log into services (e.g. IMAP).
Using phpLDAPadmin I perform a password compare and it returns a mismatch.
Looking at the slapcat output for a user, the "userPassword" is afaik md5 run though base64 and presented as such but once bas64 is decoded it matches what phpLDAPadmin reports if I export the user.
userPassword:: e01somedandomdataPT0=
I docode this :
user@server.tld$ perl <<EOF
> use MIME::Base64;
> print decode_base64('e01somedandomdataPT0=') . "\n";
> EOF
{MD5}thisisahash==
Exporting the user in phpLDAPadmin and compare it's reported userPassword to the above perl output and they match. As they match I am at a loss as to why the password is not accepted when I try to login via IMAP or check password in phpLDAPadmin. As soon as I change the password, the account works find and the user can log in.
Any help greatly appreciated, as I would rather not have to reset user passwords!