[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Password Encryption

To: "Cornwall, George" <GCornwall@citistreetonline.com>, "'openldap-software@OpenLDAP.org'" <openldap-software@OpenLDAP.org>
Subject: Re: Password Encryption
From: Jens Vagelpohl <jens@digicool.com>
Date: Wed, 09 May 2001 15:00:31 -0400
In-reply-to: <3C4CC57923BCD411A65900508BB355E2089888@wjbs0078xch.fl.wellspringres.com>
User-agent: Microsoft-Entourage/9.0.1.3108

it must read:

password-hash   {SHA}

jens


On 5/9/01 14:48, "Cornwall, George" <GCornwall@citistreetonline.com> wrote:

> We are testing porting our Netscape LDAP functionality over to OpenLDAP. We
> are currently having multiple issues with the encryption of the password
> attribute.
> 1) The default password-hash for Netscape is SHA and for OpenLDAP it is
> SSHA. Is there anyway to use the same hash in OpenLDAP? When we try setting
> it in the slapd.conf file (password-hash    SHA) we get an error message
> when starting slapd:
> "unknown directive in ldbm database definition (ignored)".
> If this is not doable, we realize we can reset all the passwords (however we
> are talking about changing approximately 400,000 passwords).
> 2) Currently OpenLDAP is not encrypting new or modified passwords, but
> instead leaving them as clear text. What do we need to modify to turn
> encryption on?
> 
> Any help is greatly appreciated.
> 
> Ged Cornwall
> Senior Architect, Web Solutions
> gcornwall@citistreetonline.com
> 904.791.2195
> 
> 
>

References:
- Password Encryption
  - From: "Cornwall, George" <GCornwall@citistreetonline.com>

Prev by Date: OpenLDAP 1.2 and Iplanet 4.1 Web server
Next by Date: no validator for syntax
Index(es):
- Chronological
- Thread