[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: bind to LDAP Server using crypted password

I understand, but the problem is that I have to store the password on the server side and I don't want to do it in
clear text. I'm developing a Webinterface so that users can edit some of their attributes themselfes.
The problem is that PHP does not support persistent LDAP connections so I have to bind to the server again each time the page is reloaded.
So that's what I`m trying to do:
First I do an anonymous bind and check if the entered uid does exist in the directory. If the uid does exist I try to bind to the server with the entered uid and userpassword. Then I lookup the crypted userpassword in the directory and store it on the server side and after the page has been reloaded I bind to the server with the stored uid and userpassword again.
Maybe this is not a very elegant method, but don't know a better way.
----- Original Message -----
Sent: Monday, May 27, 2002 5:13 PM
Subject: AW: bind to LDAP Server using crypted password

That means if you give for example "secret" as password and crypt them you become a output like that -w {CRYPT}1IJV5XjJ2f3Kk  .
The problem that when you make a search I think is that the cleartext password is normally taken and crypted .
What i mean is the server compare crypted password with cryptes password on the Server .
if  cryptedPassword == cryptedPassword then it is OK .
but your  Problem is that you crypt your crypted Password I think . But I'am not sure .
Why did you not use cleartextpassword and a SSL Connection your data is secured over the Network :)
-----Ursprüngliche Nachricht-----
Von: David Anthony Gey [mailto:David.Gey@FH-Koeln.de]
Gesendet: Montag, 27. Mai 2002 17:01
An: openldap-software@OpenLDAP.org
Betreff: bind to LDAP Server using crypted password

is there anybody out there who has a idea how to bind to an LDAP Server with a crypted password.
I've tried to bind to OpenLDAP Server 2.0.21 with the following command
ldapsearch -x -w {CRYPT}1IJV5XjJ2f3Kk -b"o=myorg, c=de" -D"cn=Directory Manager, o=myorg, c=de" "(ou=*)"
but I always get a "invalid credentials" error message.
Thanks in advance.
David Gey