[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: How can I implement SHA schema??? (ITS#197)
At 01:24 PM 6/9/99 GMT, dtimail@fazenda.sp.gov.br wrote:
>I have a ldif file with encrypted passwords using "secure hash
>algorithm" (sha), and when I create new users, (it`s another ldap
>application, not openldap) the passwords work fine and are entered in
>the database with sha schema. BUT, after installed the openldap, and
>this ldif file imported to it, old users work fine, but new users
>created are included in the database with clear text schema, that is, if
>I get a ldapsearch in the database, the password of the new users are
>showed without any encryptation, so, any people that can read the ldif,
>can get the password of the users.
The OpenLDAP slapd does not encrypt the userPassword attribute
upon modification.
>How can I create new users, encrypting your passwords?
You must do the work on the client side. This can be done
using scripts, cut and paste from /etc/password (when using
{CRYPT} format, or through other means...
Or ldappasswd...
Kurt