[Date Prev][Date Next] [Chronological] [Thread] [Top]

Password Encryption

We are testing porting our Netscape LDAP functionality over to OpenLDAP. We
are currently having multiple issues with the encryption of the password
1) The default password-hash for Netscape is SHA and for OpenLDAP it is
SSHA. Is there anyway to use the same hash in OpenLDAP? When we try setting
it in the slapd.conf file (password-hash	SHA) we get an error message
when starting slapd:
"unknown directive in ldbm database definition (ignored)".
If this is not doable, we realize we can reset all the passwords (however we
are talking about changing approximately 400,000 passwords).
2) Currently OpenLDAP is not encrypting new or modified passwords, but
instead leaving them as clear text. What do we need to modify to turn
encryption on?

Any help is greatly appreciated.

Ged Cornwall
Senior Architect, Web Solutions