[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#4837) SunLDAP to OpenLDAP migration problem
<quote who="rklein@deep-field.com">
> We want to migrate from using SunLDAP to using OpenLDAP. This involves
> migrating
> the existing user data from SunLDAP to OpenLDAP. We were able to do this
> successfully, however, we found an incompatibility in password encryption.
> Specifically:
>
> "The passwords from SunONE are stored in SSHA format. This means that
> for each password a salt has been generated. The password + salt is
> encoded
> using
> SHA1 algorithm. That encoded string + salt is stored in the password
> field.
>
> Both SunONE and OpenLDAP support SSHA, however, it seems that SunONE
> uses an 8 byte salt and OpenLDAP uses a 4 byte salt.
>
> So, when OpenLDAP looks at the password strings, it gets the wrong salt,
> and will fail to decode the password."
>
> We're therefore requesting that OpenLDAP provide an option for an 8 byte
> salt
> for the SSHA encryption that is compatible with the SunONE encryption.
> This will
> allow us to convert to OpenLDAP without requiring all of our users to
> reset
> their passwords. Thanks.
>
Hi,
Sorry, I don't mean to point out the obvious, but OpenLDAP is an Open
Source project which means the source code is available for you to patch.
Thanks,
Gavin.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghenry@suretecsystems.com
Open Source. Open Solutions(tm).
http://www.suretecsystems.com/