[Date Prev][Date Next]
Re: (ITS#4837) SunLDAP to OpenLDAP migration problem
> <quote who="firstname.lastname@example.org">
>> We want to migrate from using SunLDAP to using OpenLDAP. This involves
>> the existing user data from SunLDAP to OpenLDAP. We were able to do this
>> successfully, however, we found an incompatibility in password
>> "The passwords from SunONE are stored in SSHA format. This means that
>> for each password a salt has been generated. The password + salt is
>> SHA1 algorithm. That encoded string + salt is stored in the password
>> Both SunONE and OpenLDAP support SSHA, however, it seems that SunONE
>> uses an 8 byte salt and OpenLDAP uses a 4 byte salt.
>> So, when OpenLDAP looks at the password strings, it gets the wrong salt,
>> and will fail to decode the password."
>> We're therefore requesting that OpenLDAP provide an option for an 8 byte
>> for the SSHA encryption that is compatible with the SunONE encryption.
>> This will
>> allow us to convert to OpenLDAP without requiring all of our users to
>> their passwords. Thanks.
> Sorry, I don't mean to point out the obvious, but OpenLDAP is an Open
> Source project which means the source code is available for you to patch.
However, you can edit passwd.c:
and change the salt to 8 yourself:
#define SALT_SIZE 4
See how you get on.