Re: Passwords in OpenLDAP

On Tue, Jun 24, 2003 at 01:10:05PM -0400, Yossef Korang wrote:
> I'm looking at OpenLDAP as a way of authenticating users, and I am 
> trying to find out specifically how the passwords will work, more 
> specifically, how to have LDAP get the current user's password.  I'm
> looking through the archives, but I haven't found anything, yet, on the 
> topic.
> Any help or point in the right direction would be appreciated.

Dear Yossef,

Just like all of the other data, passwords are stored in the
directory.  The system queries the LDAP server via a PAM module
to find the data in the userPassword field, given the username, just
like it does for /etc/passwd.

A simple user entry might look like:

dn: uid=someuser,ou=People,o=MyOrg
objectclass: person
objectclass: inetOrgPerson
objectclass: posixAccount
objectclass: inetLocalMailRecipient
cn: Some User
givenname: Some
sn: User
uid: someuser
userPassword: {MD5}Zm1KdYVpW70LRLMuwt3FgA==
loginShell: /usr/bin/bash
uidnumber: 1025
gidnumber: 1000
homeDirectory: /home/someuser
mail: someuser@myorg.com
mailRoutingAddress: someuser@somehost.myorg.com
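
Added example (not part of the original message): a Python sketch of how a userPassword value such as the {MD5} one in the entry above is laid out and how a candidate password is checked against it. It also covers the related {SHA}, {SMD5} and {SSHA} schemes; the function names and the sample passwords are constructed for illustration.

```python
import base64
import hashlib
import hmac
import os

# Scheme name -> (hashlib algorithm, digest length in bytes, salted?)
SCHEMES = {"MD5": ("md5", 16, False), "SMD5": ("md5", 16, True),
           "SHA": ("sha1", 20, False), "SSHA": ("sha1", 20, True)}

def parse_userpassword(value):
    """Split '{SCHEME}base64' into (scheme, digest, salt); None means cleartext."""
    if not value.startswith("{") or "}" not in value:
        return None
    scheme, b64 = value[1:].split("}", 1)
    scheme = scheme.upper()
    if scheme not in SCHEMES:
        raise ValueError("unsupported scheme: " + scheme)
    _, dlen, salted = SCHEMES[scheme]
    raw = base64.b64decode(b64, validate=True)
    # Salted values are digest||salt; unsalted values are exactly the digest.
    if len(raw) < dlen or (not salted and len(raw) != dlen):
        raise ValueError("bad length for " + scheme)
    return scheme, raw[:dlen], raw[dlen:]

def make_userpassword(scheme, password, salt=None):
    """Build a value for a constructed test entry (hypothetical helper)."""
    algo, _, salted = SCHEMES[scheme]
    salt = (os.urandom(8) if salt is None else salt) if salted else b""
    digest = hashlib.new(algo, password.encode() + salt).digest()
    return "{%s}%s" % (scheme, base64.b64encode(digest + salt).decode())

def verify(value, candidate):
    """Check a candidate password against a stored userPassword value."""
    parsed = parse_userpassword(value)
    if parsed is None:
        return hmac.compare_digest(value.encode(), candidate.encode())
    scheme, digest, salt = parsed
    computed = hashlib.new(SCHEMES[scheme][0], candidate.encode() + salt).digest()
    return hmac.compare_digest(computed, digest)

def is_unsalted(value):
    """True for cleartext, {MD5} and {SHA}: equal passwords give equal values."""
    parsed = parse_userpassword(value)
    return parsed is None or not SCHEMES[parsed[0]][2]

if __name__ == "__main__":
    page_value = "{MD5}Zm1KdYVpW70LRLMuwt3FgA=="  # value from the entry above
    print(parse_userpassword(page_value)[0], is_unsalted(page_value))
```

Running is_unsalted over an export of the directory shows which entries still carry cleartext or unsalted values and would be candidates for re-hashing with a salted scheme at the next password change.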