[Date Prev][Date Next] [Chronological] [Thread] [Top]

Question about openldap admin's guide


In the OpenLDAP 2.2 Admin Guide, it is stated as
"To use secrets stored in the LDAP directory, place
plaintext passwords in the userPassword attribute"

Just wondering...
can we use encrypted password, like:
userPassword        {SHA}wektalskgjlaksfgjlf  ??

I've tried to use encrypted password in my directory,
but ldapsearch (I'm using Digest-MD5) will fail with
the following error although I have changed the
password-hash from cleartext to sha:
ldap_sasl_interactive_bind_s: Invalid credentials (49)
        additional info: SASL(-13): authentication
failure: client response doesn't match what we

If we can only use plaintext password, then what's the
purpose of password-hash in the slapd.conf ?

Thanks to anybody who can explain the concept to me...


La vie, voyez-vous, ca n'est jamais si bon ni si mauvais qu'on croit
                                                                        - Guy de Maupassant -

Do you Yahoo!?
New Yahoo! Photos - easier uploading and sharing.