LDAP problem
Igor Brezac
igor at ipass.net
Thu Dec 15 22:43:08 EST 2005
On Fri, 16 Dec 2005, Jure [ISO-8859-2] Pečar wrote:
> On Fri, 16 Dec 2005 00:59:48 +0000
> Alain Williams <addw at phcomp.co.uk> wrote:
>
>> Summary: passwords with openldap 2.0 don't seem to work with openldap 2.2
>
>> userPassword:: cGFzc3dvcmQ=
>
>> /etc/slapd.conf contains (on both machines)
>> password-hash {smd5}
This is meaningless in your configuration. password-hash is used
internally by slapd to generate hashes stored in userPassword.
>
> Well the string above is definitely NOT md5. It looks a lot more like the
> old fashioned crypt() thing.
It is base64 encoded string.
> I remember coming across something similiar a few years back when I was
> trying to add some old solaris boxen to linux environment and hitting this
> same problem. You, however, are moving to a more modern system, so it looks
> like a stupid idea for a modern system to use older password hashing.
> Anyway, check what the sles manuals say, maybe someone got enlightened and
> configured defaluts to be more 'the old unix way'.
>
You are still using an ancient version of openldap. I recommend that you
upgrade openldap first.
--
Igor
More information about the Info-cyrus
mailing list