Re: MigrationTools-40 and encrypted passwords

[charlie derr <cderr@simons-rock.edu>]

Thank you for the quick response.

I've tried editing the perl script (so that it writes {md5} instead of
{crypt} -- to be sure, i tried {MD5} as well), but that didn't work.  I
also tried manually removing the "$1$" from each entry (obviously i'm
guessing here..), but no luck with that either.  The encrypted hash is
getting copied over just fine (I can verify this by seeing that the
userPassword entry is identical to the one in /etc/shadow). I don't
think this is a base64 encoding issue, because a command line query will
show a different value (the base64 encoded version of the password). 
Does anyone know what might be causing the problem, or have any more
information on how md5 interacts with openldap?

	thanx again,
		~c 



Adam Williams wrote:
> 
> >I am working on getting nss and pam ldap working, and am making good progress.  One problem seems to
> >be when i use these MigrationTools (a collection of perl scripts) to try to move the users from a
> >machine into the directory, the userPassword entries get stuck in as {crypt}, but somehow that isn't
> >usable (i can't successfully bind to the server using the password that was set).  Does anyone know
> >what i might be doing wrong?  Any pointers to documentation on these issues would be appreciated.
> >For instance, i'm unsure as to how to determine what encryption method is used on a particular
> >machine (to create the encrypted hashes in /etc/shadow).  I do know md5 is used because of the $1$
> 
> If you have md5 hashes, you need to store them as {md5}blahblahblah
> 
> You should edit the Migration script for passwd as I think it simply
> assumes {crypt}