[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Hashing the userPassword

To: Suneet Shah <suneetshah2000@gmail.com>
Subject: Re: Hashing the userPassword
From: Michael Ströder <michael@stroeder.com>
Date: Mon, 09 Apr 2012 12:56:53 +0200
Cc: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
In-reply-to: <CABtBcwAsRu=1yQ5ENbXwrdPJ3SqSp2mWGt41Ss8wZDhat+0k4A@mail.gmail.com>
References: <CABtBcwACJ=rp=4kQGzrRuhnjaeHrdUsnm6y3NEWfbeFgv_qd9Q@mail.gmail.com> <4F7BEF20.50909@stroeder.com> <CABtBcwAFG=5eiKZ33B1xS2OHTkS=i2P1Sq7m=kRTH0h40f2pXQ@mail.gmail.com> <4F7C48D8.5030008@stroeder.com> <CABtBcwAsRu=1yQ5ENbXwrdPJ3SqSp2mWGt41Ss8wZDhat+0k4A@mail.gmail.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:11.0) Gecko/20120312 Firefox/11.0 SeaMonkey/2.8

Suneet Shah wrote:
> I added the following attribute to my slapd.conf and it does not store the
> passwords in a hashed form.
> I am using a java program to to set the userPassword attribute after a user
> has been created.
> 
> password-hash   {SSHA}

As said [1] this configuration directive only affects Password Modify extended
operation and therefore you might also wanna use ppolicy_hash_cleartext.

Ciao, Michael.

[1] Follow the responses from here:
http://www.openldap.org/lists/openldap-technical/201204/msg00043.html

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

References:
- Hashing the userPassword
  - From: Suneet Shah <suneetshah2000@gmail.com>
- Re: Hashing the userPassword
  - From: Michael Ströder <michael@stroeder.com>
- Re: Hashing the userPassword
  - From: Michael Ströder <michael@stroeder.com>
- Re: Hashing the userPassword
  - From: Suneet Shah <suneetshah2000@gmail.com>

Prev by Date: ldapadd: invalid format (line 5) entry for LDAP replication
Next by Date: Re: Minimum length for uid attribute
Index(es):
- Chronological
- Thread