--On Tuesday, January 14, 2020 9:08 AM +0100 Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de> wrote:
The OS is completely and utterly irrelvant to the discussion. It has no knowledge of the internal hashing mechanism used by OpenLDAP.So you are assuming all systems are using the extended operation to authenticate? Acually I've see code that reads the LDAP user's password and then "combines" that with a password the user has entered. In the former case the password encoding matters. I'm not saying the pattern is good, but I've seen it.
Then the application is dependent on clear text passwords, not hashed passwords, and again is irrelevant to this discussion.
--Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>