[Date Prev][Date Next] [Chronological] [Thread] [Top]

authentication passwords



I'm confused and trying to work this out.

I am trying to use LDAP for backend authentication and trying to track
various methods of entering/changing passwords. I am also trying to put
the posixAccount & sambaSamAccount info in each user record.

My slapd.conf has (and I don't know how much this matters)...
password-hash   {crypt}
password-crypt-salt-format      "$1$%.8s"

Red Hat AS 3 - this might matter

slappasswd -s sunshine 
{SSHA}LXvnZNXf3oyx1M6SiXMLU/9L930+k3fB

slappasswd -c $1$%.8s -h {SSHA} -s sunshine
{SSHA}1pHlXkIzboulYngP2ENVkI77B6yYTczT

slappasswd -c $1$%.8s -h {crypt} -s sunshine (per slapd.conf)
{CRYPT}$NZHP1PLYmer.

slappasswd -c %s -h {SSHA} -s sunshine (per man page)
{SSHA}iqDfi0B7DRrpmFpm40+b8IkSkM9/WOGb

slappasswd -c %s -h {crypt} -s sunshine (groping here)
{CRYPT}cqAF3fH7QaCLc

I can't tell you what I get from using Webmin's LDAP Users and Groups
because I am at home now but I think it's a crypt method. User only
exists in LDAP - not in /etc/passwd

and if I simply type use the OS...
passwd <username>
sunshine (twice)

it adds to the users ldap userPassword::
e2NyeXB0fSQxJFhQd01XLzBrJDZXdDZMTDJPQ2dHOE5jZHpsa041UDE=

seems to me that this is one of those details that I would rather never
knowing but I have to make peace between samba needs/posix
needs/customer needs to have simplicity in changing their passwords.

Evidently I don't get it. Point me in a direction?

Thanks,

Craig