[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How can I implement SHA schema??? (ITS#197)

To: openldap-its@OpenLDAP.org
Subject: Re: How can I implement SHA schema??? (ITS#197)
From: Kurt@OpenLDAP.org
Date: Wed, 9 Jun 1999 20:42:30 GMT

At 01:24 PM 6/9/99 GMT, dtimail@fazenda.sp.gov.br wrote:
>I have a ldif file with encrypted passwords using "secure hash
>algorithm" (sha), and when I create new users, (it`s another ldap
>application, not openldap) the passwords work fine and are entered in
>the database with sha schema. BUT, after installed the openldap, and
>this ldif file imported to it, old users work fine, but new users
>created are included in the database with clear text schema, that is, if
>I get a ldapsearch in the database, the password of the new users are
>showed without any encryptation, so, any people that can read the ldif,
>can get the password of the users.

The OpenLDAP slapd does not encrypt the userPassword attribute
upon modification.

>How can I create new users, encrypting your passwords?

You must do the work on the client side.  This can be done
using scripts, cut and paste from /etc/password (when using
{CRYPT} format, or through other means...

Or ldappasswd...

Kurt

Prev by Date: How can I implement SHA schema??? (ITS#197)
Next by Date: pthread.h and pthread_create are not compatible on Solaris 7 (ITS#199)
Index(es):
- Chronological
- Thread