[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Openldap password problems

To: openldap-technical@openldap.org
Subject: Re: Openldap password problems
From: Ryan Tandy <ryan@nardis.ca>
Date: Thu, 14 May 2015 14:10:11 -0700
Content-disposition: inline
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nardis.ca; s=google; h=date:from:to:subject:message-id:mail-followup-to:references :mime-version:content-type:content-disposition:in-reply-to :user-agent; bh=BWvrRSpHE5LUurvcCE58TBdEU75xJR47h+cmqvUANsQ=; b=uKXyqMoLzPk4GH652q4WfabGSt3aVWfnjO/xcSeYXcxVTwZtRt4VJtyZV58micpUzm aS4LcGtYtcycx+JxvhA5fI+Hz5iLpx+8dOP2qWbxGBRJFb8PmTtuAEO/hscEdiTTRFFL vdSVCnrjJo9LV0QeJt0QIi01aBWb0cnk+T/Cw=
In-reply-to: <BAY178-W300B400218E7C1CFDC72C8FDD80@phx.gbl>
Mail-followup-to: openldap-technical@openldap.org
References: <BAY178-W300B400218E7C1CFDC72C8FDD80@phx.gbl>
User-agent: Mutt/1.5.23 (2014-03-12)

On Thu, May 14, 2015 at 09:02:30PM +0000, jeevan kc wrote:

Hello all,We've just noticed that when a user authenticates via LDAP,it ignores characters after the right password. For example a userjkc900 has Password Welcome1 But the user can type in Welcome1111 orWelcome12 etc and still can get into the application. Its just checkingthe first Welcome1 and they can type anything after that and still canlog in.

Which password hash are you using? Old crypt(3) formats had this kind ofproblem.


Which OpenLDAP version are you using?

Can you provide a few examples of userPassword attributes thatdemonstrate this problem?


Is your application using simple binds, or something else (ie. SASL)?

References:
- Openldap password problems
  - From: jeevan kc <jeev_biz@hotmail.com>

Prev by Date: Re: Openldap password problems
Next by Date: Re: Openldap password problems
Index(es):
- Chronological
- Thread