LDAP problem

Igor Brezac igor at ipass.net
Thu Dec 15 22:43:08 EST 2005

On Fri, 16 Dec 2005, Jure [ISO-8859-2] Pečar wrote:

> On Fri, 16 Dec 2005 00:59:48 +0000
> Alain Williams <addw at phcomp.co.uk> wrote:
>> Summary: passwords with openldap 2.0 don't seem to work with openldap 2.2
>> 	userPassword:: cGFzc3dvcmQ=
>> /etc/slapd.conf contains (on both machines)
>> 	password-hash   {smd5}

This is meaningless in your configuration.  password-hash is used 
internally by slapd to generate hashes stored in userPassword.

> Well the string above is definitely NOT md5. It looks a lot more like the
> old fashioned crypt() thing.

It is base64 encoded string.

> I remember coming across something similiar a few years back when I was
> trying to add some old solaris boxen to linux environment and hitting this
> same problem. You, however, are moving to a more modern system, so it looks
> like a stupid idea for a modern system to use older password hashing.
> Anyway, check what the sles manuals say, maybe someone got enlightened and
> configured defaluts to be more 'the old unix way'.

You are still using an ancient version of openldap.  I recommend that you 
upgrade openldap first.


More information about the Info-cyrus mailing list