[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Hashing the userPassword

To: Suneet Shah <suneetshah2000@gmail.com>
Subject: Re: Hashing the userPassword
From: Michael Ströder <michael@stroeder.com>
Date: Wed, 04 Apr 2012 08:50:08 +0200
Cc: openldap-technical@openldap.org
In-reply-to: <CABtBcwACJ=rp=4kQGzrRuhnjaeHrdUsnm6y3NEWfbeFgv_qd9Q@mail.gmail.com>
References: <CABtBcwACJ=rp=4kQGzrRuhnjaeHrdUsnm6y3NEWfbeFgv_qd9Q@mail.gmail.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:11.0) Gecko/20120312 Firefox/11.0 SeaMonkey/2.8

Suneet Shah wrote:
> I am creating a user in OpenLDAP using Java. The user is being successfully
> created, but the passwords are being stored in clear text.

How do you set the password? If you send attribute userPassword along when
creating the user's entry with a AddRequest you have to perform the password
hashing at the client's side.

If you use separate Password Modify Extended Operation to set the password of
an *existing* entry the directive 'password-hash' in slapd.conf (or attribute
'olcPasswordHash' in cn=config) is relevant.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Follow-Ups:
- Re: Hashing the userPassword
  - From: Buchan Milne <bgmilne@staff.telkomsa.net>

References:
- Hashing the userPassword
  - From: Suneet Shah <suneetshah2000@gmail.com>

Prev by Date: Hashing the userPassword
Next by Date: Re: Hashing the userPassword
Index(es):
- Chronological
- Thread