[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5207) Password checking: external program

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5207) Password checking: external program
From: hadmut@danisch.de
Date: Thu, 1 Nov 2007 14:53:01 GMT

Howard Chu wrote:
> hadmut@danisch.de wrote:
>> But this opens other questions:
> 
>> Does slapd support multiple password entries?
> 
> Of course. The schema definition for userPassword says that it is a
> multivalued attribute. (Note: "values" not "entries". Seems you need to
> do some more reading on LDAP basics.)

Well, I don't think there's reason to get rude. Please understand that
english is not my first language, and I apologize if I did not meet your
expectations.

And I did not ask about LDAP in common, I asked about the slapd
implementation. So reading LDAP basics would not answer the question.

As it was pointed out before, the details of this {SASL} authentication
scheme are _not_ documented in the slapd manual or any LDAP basics, but
somewhere hidden in the FAQs or even partly undocumented.

> slappasswd doesn't know anything about that. slapd checks until it finds
> a match.

That's what I wanted to know. Obviously, as you yourself point out,
that's an implementation detail.

Does ldappasswd change all entries or just the one matching the given
password?

regards
Hadmut

Prev by Date: Re: (ITS#5207) Password checking: external program
Next by Date: Re: (ITS#5207) Password checking: external program
Index(es):
- Chronological
- Thread