[Date Prev][Date Next] [Chronological] [Thread] [Top]

Question about openldap admin's guide



Hello,

In the OpenLDAP 2.2 Admin Guide, it is stated as
follows:
"To use secrets stored in the LDAP directory, place
plaintext passwords in the userPassword attribute"

Just wondering...
can we use encrypted password, like:
userPassword        {SHA}wektalskgjlaksfgjlf  ??

I've tried to use encrypted password in my directory,
but ldapsearch (I'm using Digest-MD5) will fail with
the following error although I have changed the
password-hash from cleartext to sha:
ldap_sasl_interactive_bind_s: Invalid credentials (49)
        additional info: SASL(-13): authentication
failure: client response doesn't match what we
generated

If we can only use plaintext password, then what's the
purpose of password-hash in the slapd.conf ?

Thanks to anybody who can explain the concept to me...

Newbie,
Lara 

=====
------------------------------------------------------------------------------------ 
La vie, voyez-vous, ca n'est jamais si bon ni si mauvais qu'on croit
                                                                        - Guy de Maupassant -
------------------------------------------------------------------------------------

__________________________________
Do you Yahoo!?
New Yahoo! Photos - easier uploading and sharing.
http://photos.yahoo.com/