Manuel Afonso wrote: > I have here a big issue: when using phpldapadmin/openldap, all the times there > is (for each user/entry) a field with > > cleartextPassword: <cleartextpassword> (this is seen in > slapcat output) If you don't want your passwords to be stored in clear then simply don't store it in clear. Find out why it's stored there by which component: Which schema is this? Does phpldapadmin create this attribute or another application? Is the clear-text password actually used (e.g. for some challenge-response)? The standard mech to store passwords for normal LDAP simple binds is to put a salted hash of the password in attribute 'userPassword'. > What I want is to put in place a mechanism where there is no plain text field > with the password in clear in each entry of openldap. There is no built-in mechanism in OpenLDAP for reversible encryption of specific attributes. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature