[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Password management question

To: "Hallvard B Furuseth" <h.b.furuseth@usit.uio.no>
Subject: Re: Password management question
From: "daniel rahmeh" <daniel.rahmeh@gmail.com>
Date: Thu, 29 May 2008 16:31:31 +0200
Cc: openldap-technical@openldap.org
Content-disposition: inline
In-reply-to: <hbf.20080529nxbr@bombur.uio.no>
References: <fda120b70805290156v3a5b37c0j929d45028345156d@mail.gmail.com> <hbf.20080529nuag@bombur.uio.no> <hbf.20080529nxbr@bombur.uio.no>

On Thu, May 29, 2008 at 3:53 PM, Hallvard B Furuseth
<h.b.furuseth@usit.uio.no> wrote:
> Sigh.  One paragraph, one thinko/edit error...  I wrote:
>
>> As the slapd.conf manpage says, the above directives tell slapd to hash
>> the password (and how to do so)
>
> No they tell it how to do so.  Default {SSHA} like it says.
>
>> if the client changes a password using
>> the Password Modify extended operation, but not if it uses plain
>> Add/Modify operations.
>
> --
> Hallvard
>

hi,

thank you for the answer, i've have found a way to deal with it, it
can be done via the ppolicy module

overlay ppolicy
ppolicy_default "cn=Standard,ou=politiqueMDP,dc=cvf,dc=fr"
ppolicy_hash_cleartext

the last line tells openLDAP to hash the password even if the
application send it as plain text

thank you

Daniel

References:
- Password management question
  - From: "daniel rahmeh" <daniel.rahmeh@gmail.com>
- Re: Password management question
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
- Re: Password management question
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>

Prev by Date: Re: Password management question
Next by Date: Re: Password management question
Index(es):
- Chronological
- Thread