Re: How to make ldap evaluate clear text password vs DES stored password

[yokoyamy@jacic.or.jp]

I can't find 'Pass-Through authentication (section 14.5)' 
in slapd-config(5) man page.

Could you send me its URL?



in message "Re: How to make ldap evaluate clear text password vs DES stored password",
Dan White <dwhite@cafedemocracy.org> wrote:
> On 09/20/18?08:43?+0900, yokoyamy@jacic.or.jp wrote:
> >LDAP’s userPassowrd stored in the RDB has been already DES hashed by
> >original app. On the other hand, input password from ldapseach command
> >line is CREARTEXT.
>  
> >I’d like to change certification process of LDAP source file to make input
> >password into DES hashed by using 2 characters of userPassword as its
> >SALT.
>  
> >I've already known that 2 characters at the beginning of userPasswordwas
> >used as its SALT when it was hashed.
>  
> >So the fact is ,my slapd can read userPassword from the RDB. I think I'll
> >be able to find out what will be SALT to make input password into DES
> >hashed text.
> 
> If the hashed/encrypted password is supported by your local crypt(3)
> library, you can prepend the userPassword value with {CRYPT} as specified
> in slapd-config(5) and section 14.4.2 of the Admin Guide.
> 
> Else, if you have a pam module which supports authentication of your hash,
> take a look at Pass-Through authentication (section 14.5).