[Date Prev][Date Next] [Chronological] [Thread] [Top]

When/why use slappasswd or any password digests



I'm trying to understand the role encrypted passwords play in OpenLDAP. I thought they were an alternative way to exchange passwords. Instead of sending them in the clear during ldap_bind_s() I thought I could supply one of the HASHs--but this doesn't seem to work.

To use SSHA encryption am I supposed to first create an SSHA digest of my password to use in ldap_passwd_s()?

I've tried changing the password to something I got from slappasswd then signing back in using the same password but a different digest (as SSHA is supposed to do) but I get Invalid Credentials.

Are the digests something used strictly for storing the passwords? Is there any way/reason to use the digests?

--
.tom
remove email address' dashes for replies
opensource middleware at <http://isectd.sourceforge.net>
<http://gagne.homedns.org/~tgagne/>