[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: password exop and encrypted passwords

To: openldap-software@OpenLDAP.org
Subject: Re: password exop and encrypted passwords
From: "Tiefnig Daniel" <openldap@qmail.infonova.at>
Date: Thu, 21 Jun 2001 17:24:57 +0200
Organization: Infonova
References: <3B31F931.AB9B9288@int-evry.fr> <Pine.LNX.4.33.0106211046320.4725-100000@malachi.gf.gospelcom.net>

hi,

my understanding of LDAP is that it just _stores_ data. it shouldn't change the values in any form. may be that other implementations do something like "crypt" or whatever, (e.g. oracle-ldap (oid) does) but openldap doesn't.

daniel

Steve Schultze wrote:

I'd like to use the new password exop, but I'd also like to store my
passwords encrypted.  I'm using PADL's pam_ldap and when I change my
passwords using the password exop, they are stored in plaintext.  I'd like
them to be stored encrypted.

My question is this:  where is the task of encrypting the new password?
Should pam_ldap encrypt the new password before doing the exop (which I
*think* would work, correct me if I'm wrong), or should the LDAP server
encrypt it (which is how I understand iPlanet's server does it)?

_________________________________________
Tiefnig Daniel
Server-Technology

INFONOVA IT GesmbH
Seering 6, A-8141 Unterpremstätten
AUSTRIA

E-Mail: mailto:daniel.tiefnig@infonova.at
Web: http://www.infonova.at

References:
- alias
  - From: Jehan PROCACCIA <jehan.procaccia@int-evry.fr>
- password exop and encrypted passwords
  - From: Steve Schultze <sjs@gospelcom.net>

Prev by Date: password exop and encrypted passwords
Next by Date: Re: password exop and encrypted passwords
Index(es):
- Chronological
- Thread