[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: disable password hash



> At 10:07 AM 2002-05-23, kervin@blueprint-tech.com wrote:
>>The default password scheme is SHA1 ( or something similar ).  If the
>>'password-hash' keyword is not specified, then the userpassword
>>attribute is stored as a hash using the default scheme.
>
> No.  password-hash only impacts the password-modify exop is used.
> When LDAP add/modify are used to update userPassword, slapd will
> not alter the value provided by the client.
>
> Kurt

Yes.

I see what my problem is.  'userpassword' attribute is passed to the
backend base64 encoded.  That's done in entry2str().  The backend needs to
decode it before it uses that attribute.

Thanks,
--Kervin