Re: olcPasswordHash scheme not available

[Howard Chu <hyc@symas.com>]

Pierangelo Masarati wrote:
> That sounds like a bug.  In fact, {K5KEY} is loaded by smbk5pwd, so if
> in slapd.conf you correctly load the module __before__ using
> password-hash things work as expected.  However, when the configuration
> is loaded from the back-config database, modules are loaded __after__
> the global entry, which contains password-hash.  Apparently, checking
> the value of the password-hash attribute must be deferred to __after__
> loading the entire configuration.  This might be true in general.  I
> suggest you file an ITS for this issue <http://www.openldap.org/its/>.

If it's a general problem, then we're going to need to re-shuffle the layout of 
the cn=config tree so that global directives are processed after any modules 
are loaded. But I think password mechs are the only item that can be registered 
at runtime that currently have a problem.

--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP     http://www.openldap.org/project/