[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: searching userPassword value



Quanah Gibson-Mount wrote:
--On Wednesday, August 02, 2017 6:28 PM -0400 David Magda <dmagda@ee.ryerson.ca> wrote:

Doing an "ldapsearch […] '(userpassword={SHA}*'" gets zero results.

Thanks for any info.

userPassword is base64 encoded, so no, you can't do that.

False. The base64 encoding only happens in the ldapsearch tool just before it prints the result on stdout.

The userPassword schema definition has no substring matching rule. And you should already know to check the schema definition for questions like this.

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/