Re: authentication passwords

[Tony Earnshaw <tonye@billy.demon.nl>]

lør, 27.12.2003 kl. 16.07 skrev Craig White:

> I'm confused and trying to work this out.
> 
> I am trying to use LDAP for backend authentication and trying to track
> various methods of entering/changing passwords. I am also trying to put
> the posixAccount & sambaSamAccount info in each user record.
> 
> My slapd.conf has (and I don't know how much this matters)...
> password-hash   {crypt}
> password-crypt-salt-format      "$1$%.8s"

[...]

> Red Hat AS 3 - this might matter
> Evidently I don't get it. Point me in a direction?

Had jumped over this one. Saw Paul's answer and things clicked - as far
as my RH RHEL 3 is concerned. This is *not* an authoritative answer and
may not work for you, but it does for me:

I ripped out RH's Openldap 2.0.27 and installed my own 2.1.25/BDB
4.1.25/SASL 2.1.15 as the first thing I did after the installation. This
hasn't anything to do with your own installation, but I'm duty bound to
tell you.

- All the password encryption types must be the same (which for you they
are presently not);
- I have the encryption type set to "plaintext" and authconfig type LDAP
because that's what I need for Cyrus SASL LDAP-auxprop-based AUTH;
- The RedHat RHEL 3 authconfig utility ruins my /etc/ldap.conf every
time I experiment with it, so I keep an original copy of ldap.conf as a
backup (in the worst case, even root can't log in any more at runlevel
3/5 and it's necessary to start the machine up in init 1 mode and repair
things by hand).

I can go on explaining, but the above is the most important.

- bottom line: It Works For Me.

--Tonni

-- 
mail: billy - at - billy.demon.nl
http://billy.demon.nl