[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SSHA for rootdn issue



Hi,

On Friday 08 August 2003 22:42, joerg@schuetter.org wrote:
> > I have an issue when I use slappasswd {SSHA} then I cut and pates to
> > slapd.conf. My passwd word was 'secret' and wording fine, and the normal
> > user can login fine not until I replace with SSHA passwd. If you put
> > 'secret' back, it's working again. I did cleanup database and migrate
> > the user again by using pdal.com's scripts after I use SSHA. I still can
> > do a search but cannot login. Any idea?
> >
> > dn: uid=codywang,ou=People,dc=clunet,dc=edu
> > userPassword:: e0NSWVBUfUxTLi4ydnRhTXllbGc=
>
> base64 decoded password results in: '{CRYPT}LS..2vtaMyelg', but
> crypt.crypt('secret', 'LS') (generate crypt with seed 'LS') results
> 'LSgOjE04PUmqs'. Is there a reason for using bas64 coded strings?

Although I am not the original poster, I think I can answer your last 
question.
When doing a ldapsearch, user passwords are returned base 64 encoded.
I don't know the exact reason for this behaviour but I assume it's the curly 
braces that make ldapsearch behave this way.

Peter
-- 
Peter Marschall
eMail: peter@adpm.de