[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP as a SASL backend

To: openldap-software@openldap.org
Subject: Re: OpenLDAP as a SASL backend
From: "Dieter Kluenter" <dieter@dkluenter.de>
Date: Mon, 05 Nov 2007 17:38:11 +0100
In-reply-to: <d25e0d550711050320y419699e5o4b09cdb591701bde@mail.gmail.com> (Zohar Lev Shani's message of "Mon, 5 Nov 2007 13:20:04 +0200")
References: <d25e0d550710110313l47a0cccch28a944a7bed8a70@mail.gmail.com> <470E5A70.2050405@olp.net> <d25e0d550710230304l2555456dycba279608ca6e555@mail.gmail.com> <87abq9g3bi.fsf@magenta.l4b.de> <d25e0d550711041451m184d3c7ar73c98b1fb4bc493c@mail.gmail.com> <87ir4hyykm.fsf@magenta.l4b.de> <472EC534.6030107@symas.com> <d25e0d550711050320y419699e5o4b09cdb591701bde@mail.gmail.com>
User-agent: Gnus/5.1008 (Gnus v5.10.8) XEmacs/21.5-b28 (linux)

"Zohar Lev Shani" <levshani5252@gmail.com> writes:

> I understand now why I cannot put hashed userPassword when I use SASL. But,
> does it mean that the ONLY place where I can use hashed passwords for
> authentication is the rootpw directive in slapd.conf, or, there are more
> sensible use cases where it can be used?
>
> On 11/5/07, Howard Chu <hyc@symas.com> wrote:
>     Dieter Kluenter wrote:
>     > "Zohar Lev Shani" < levshani5252@gmail.com > writes:
[...]

You may use hashed passwords as userPassword attribute value for
simple binds. Why do you want hashed passwords at all? I think this is
just security by obscurity.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6

References:
- Re: OpenLDAP as a SASL backend
  - From: "Zohar Lev Shani" <levshani5252@gmail.com>
- Re: OpenLDAP as a SASL backend
  - From: "Dieter Kluenter" <dieter@dkluenter.de>
- Re: OpenLDAP as a SASL backend
  - From: Howard Chu <hyc@symas.com>
- Re: OpenLDAP as a SASL backend
  - From: "Zohar Lev Shani" <levshani5252@gmail.com>

Prev by Date: Re: OpenLDAP as a SASL backend
Next by Date: Atomicity of on-the-fly updates of ACL entries (using ldapmodify)?
Index(es):
- Chronological
- Thread