[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: hashed credentials for idassert-bind?



Steve Eckmann wrote:
> I thought I could use something like
> “credentials={SSHA}/iiPJIZ2Srf+O0HqLIypyKYKccx9V6ag” with idassert-bind or
> acl-bind in configuring an ldap backend in slapd.conf, instead of including
> the cleartext password. But when I try that I get an “invalid credentials”
> error from the proxied Active Directory. I’ve carefully regenerated the hashed
> value with slappasswd and repasted the new value into my slapd.conf file, so
> I’m pretty sure that the hash is correct.

Clients always need clear-text credentials.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature