[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4837) SunLDAP to OpenLDAP migration problem

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#4837) SunLDAP to OpenLDAP migration problem
From: ghenry@suretecsystems.com
Date: Thu, 8 Feb 2007 23:31:38 GMT

<quote who="rklein@deep-field.com">
> We want to migrate from using SunLDAP to using OpenLDAP. This involves
> migrating
> the existing user data from SunLDAP to OpenLDAP. We were able to do this
> successfully, however, we found an incompatibility in password encryption.
> Specifically:
>
> "The passwords from SunONE are stored in SSHA format. This means that
> for each password a salt has been generated. The password + salt is
> encoded
> using
> SHA1 algorithm. That encoded string + salt is stored in the password
> field.
>
> Both SunONE and OpenLDAP support SSHA, however, it seems that SunONE
> uses an 8 byte salt and OpenLDAP uses a 4 byte salt.
>
> So, when OpenLDAP looks at the password strings, it gets the wrong salt,
> and will fail to decode the password."
>
> We're therefore requesting that OpenLDAP provide an option for an 8 byte
> salt
> for the SSHA encryption that is compatible with the SunONE encryption.
> This will
> allow us to convert to OpenLDAP without requiring all of our users to
> reset
> their passwords. Thanks.
>

Hi,

Sorry, I don't mean to point out the obvious, but OpenLDAP is an Open
Source project which means the source code is available for you to patch.

Thanks,

Gavin.

-- 
Kind Regards,

Gavin Henry.
Managing Director.

T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghenry@suretecsystems.com

Open Source. Open Solutions(tm).

http://www.suretecsystems.com/

Prev by Date: (ITS#4837) SunLDAP to OpenLDAP migration problem
Next by Date: Re: (ITS#4837) SunLDAP to OpenLDAP migration problem
Index(es):
- Chronological
- Thread