Re: Copying SSHA userPassword from Oracle to OpenLDAP

[Lucio De Re <lucio.dere@gmail.com>]

On 1/22/19, Nicholas Carl <ncarl.personal@gmail.com> wrote:
>
> # Querying other LDAP server
>
> $ ldapsearch -h oracleServer -D - -w - -b - "uid=-" | grep ^userPassword
>
> userPassword::
> e1NTSEF9S3hNQVVoRGY0Y0ZMVXdVREZQb1VDMFNvRFdRb0c2TnNLRTVZUWc9PQ=
>
> $ ldapsearch -h oracleServer -D - -w - -b - "uid=-" | grep ^userPassword |
> base64 -d
>
> {SSHA}KxMAUhDf4cFLUwUDFPoUC0SoDWQoG6NsKE5YQg==base64: invalid input
>
>
> ## After importing decrypted into new server, the encrypted string matches.
>
> $ ldapsearch -h openLDAPServer -D - -w - "uid=-" | grep ^userPassword
>
> userPassword::
> e1NTSEF9S3hNQVVoRGY0Y0ZMVXdVREZQb1VDMFNvRFdRb0c2TnNLRTVZUWc9PQ=
>
I also get an invalid input. Little wonder it doesn't work:

$ echo 'e1NTSEF9S3hNQVVoRGY0Y0ZMVXdVREZQb1VDMFNvRFdRb0c2TnNLRTVZUWc9PQ='
| base64 -d
{SSHA}KxMAUhDf4cFLUwUDFPoUC0SoDWQoG6NsKE5YQg==base64: invalid input

It's not what you want, is it?

$ echo '{SSHA}KxMAUhDf4cFLUwUDFPoUC0SoDWQoG6NsKE5YQg==' | base64
e1NTSEF9S3hNQVVoRGY0Y0ZMVXdVREZQb1VDMFNvRFdRb0c2TnNLRTVZUWc9PQo=

Was that "o" near the end a cut-n-paste error?

-- 
Lucio De Re