[Date Prev][Date Next] [Chronological] [Thread] [Top]

How to make ldap evaluate clear text password vs DES stored password



Hi.

I have user information in RDB which include user-id and password set.

I’ve been trying to use this RDB as backend database for openldap server.

Now,I can find user information in RDB through openldap.

However, I recognized I can’t use this user information for ldap login certification process.

LDAP’s userPassowrd stored in the RDB has been already DES hashed by original app. On the other hand, input password from ldapseach command line is CREARTEXT.

Now I’d like my openldap to change CREATEXT input password into DES hassed text so that they'll match for certification.

I've asked this topic on stackoverflow web site how to do that by server settings.But I couldn’t find proper directives to set.

How to make ldap evaluate clear text password vs DES stored password

Since then,I’ve been searching LDAP source files which is matching input password from ldapsearch command line against userPassword stored in backend RDB for slapd.

I’d like to change certification process of LDAP source file to make input password into DES hashed by using 2 characters of userPassword as its SALT.

I've already known that 2 characters at the beginning of userPasswordwas used as its SALT when it was hashed.

So the fact is ,my slapd can read userPassword from the RDB. I think I'll be able to find out what will be SALT to make input password into DES hashed text.

If I can make opeldap to act this way,I can use user's infomation in the RDB to ldap login inforomation wiht seamless.