[Date Prev][Date Next] [Chronological] [Thread] [Top]

ldap bind using crypted passwords not working

I am trying to use pam_ldap/nss_ldap with openldap 1.2.10 on Redhat Linux.
As long as the userPassword attribute is of the form:
{crypt}u.TuruQsM2Mag, pam_ldap works fine. The problem is that when trying
to do a bind to the directory, slapd refuses to use anything but plaintext
passwords. In the example above, instead of taking the password, hashing
it using the correct mechanism, and comparing it to the stored hash; slapd
thinks my password is exactly "{crypt}u.TuruQsM2Mag" If I store plaintext
passwords in the database (which is probably not a good idea) slapd binds
just fine, but pam_ldap/nss_ldap breaks.

When I compiled openldap, I used 'configure --enable-cleartext
--enable-crypt'. In my understanding, that should compile in both password
types. Should I only use one or the other?

| Weston J. Bustraan      | E-Mail: weston@itdonline.net     |
| Development Manager     | Phone: (616)249-3630             |   
| Infinity Tel-Data Inc.  | Fax:   (616)249-3067             |
| 4723 S. Division Ave.   | WWW: www.itdonline.net           |
| Wyoming, MI 49548       | PGP: finger weston@itdonline.net |

All wiyht. Rho sritched mg kegtops awound?