[Date Prev][Date Next] [Chronological] [Thread] [Top]

rootpw can't be encrypted

I am running openldap-1.2.11 on RedHat 6.  I have been banging my head
against the wall trying to use an encrypted password in the slapd.conf
file.  A plain text password works fine but when i try to use encryption
it doesn't work, ugh!

For example I have run a simple Perl script for generaing and SHA
password, I use 'secret' here as an example.

      use Digest::SHA1;
      $ctx = Digest::SHA1->new;
      print '{SHA}' . $ctx->b64digest . "\n";

Which generates:


I have another Perl script to verify the hash and it returns okay:

      # ldappasswdichk.pl -v {SHA}5en6G6MezRroT3XKqkdPOmY/BfQ secret
      # e5e9fa1ba31ecd1ae84f75caaa474f3a663f05f4 
      # e5e9fa1ba31ecd1ae84f75caaa474f3a663f05f4

I then place the following line in my slapd.conf file:

      rootpw          {SHA}5en6G6MezRroT3XKqkdPOmY/BfQ

I then restart slapd and run the following from the command line and get
the resulting error message:

      # ldapadd -D "cn=root, dc=mydomain, dc=com" -W < michael.ldif
      Enter LDAP Password:
      ldap_bind: Invalid credentials

Keep in mind that this same command works fine when specifying a plain
text password in the slapd.conf file.  Someone please help me.  I refuse
to store root's password in plain text.

Is there something obvious that I am missing?

Thanks in advance,

Dannie M Stanley
SpinWeb Net Designs, Inc.