
use of bind() and encryption

I am writing an LDAP client to authenticate users from an openldap

When I try to use the bind(...) call, my authentication is failing.  It
seems that openldap is encrypting the passwords.  How do I use bind(...)
when the passwords are encrypted?  The userPassword attribute as used by
openldap does not seem to follow rfc 2307, so I can't tell what
encryption mechanism is being used.

from rfc 2307:
userPassword values MUST be represented by following syntax:

        passwordvalue          = schemeprefix encryptedpassword
        schemeprefix           = "{" scheme "}"
        scheme                 = "crypt" / "md5" / "sha" / altscheme
        altscheme              = "x-" keystring
        encryptedpassword      = encrypted password

   The encrypted password contains of a plaintext key hashed using the
   algorithm scheme.

entry from openldap search:

# extuser1, users, dc=my-domain, dc=com
dn: cn=extuser1, ou=users, dc=my-domain, dc=com
objectClass: person
cn: extuser1
sn: test1
userPassword:: ZXh0ZXJuYWwx
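
Added example, not part of the original message: a small Python reader for the search output above that undoes the LDIF "::" base64 framing (RFC 2849) and then checks the stored bytes against the RFC 2307 "{scheme}" syntax quoted in the message. The function names and the constructed sample values are assumptions made for illustration.

```python
import base64
import re

# RFC 2307 syntax quoted in the message: "{" scheme "}" encryptedpassword
SCHEME_RE = re.compile(rb"\{([A-Za-z0-9-]+)\}(.*)", re.DOTALL)


def parse_ldif_value(line):
    """Split one LDIF line into (attribute name, value bytes).

    In LDIF (RFC 2849) "attr: v" carries the value literally and
    "attr:: v" carries it base64-encoded; that encoding is transport
    framing, not password protection.
    """
    name, sep, rest = line.partition(":")
    if not sep:
        raise ValueError("not an LDIF attribute line")
    if rest.startswith(":"):
        return name.strip(), base64.b64decode(rest[1:].strip(), validate=True)
    if rest.startswith("<"):
        raise ValueError("URL-referenced values are not handled here")
    return name.strip(), rest.strip().encode("utf-8")


def classify_user_password(line):
    """Return (scheme, stored): scheme is None when no {scheme} prefix exists."""
    name, value = parse_ldif_value(line)
    if name.lower() != "userpassword":
        raise ValueError("expected a userPassword line")
    m = SCHEME_RE.fullmatch(value)
    if m is None:
        return None, value  # no prefix: the value is stored as-is
    return m.group(1).decode("ascii").lower(), m.group(2)


# Line copied from the search output in the message.
FROM_MESSAGE = "userPassword:: ZXh0ZXJuYWwx"
# Constructed sample: a scheme-prefixed value, base64-framed the same way.
CONSTRUCTED = "userPassword:: " + base64.b64encode(b"{sha}CONSTRUCTED").decode()

if __name__ == "__main__":
    for line in (FROM_MESSAGE, CONSTRUCTED, "userPassword: {x-demo}abc"):
        print(line, "->", classify_user_password(line))
```

A result of (None, ...) means the directory holds the value without any scheme prefix, which is worth flagging when auditing exported entries.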