[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: How the password stored in SASL db can be related to the userPassword attribute of an entry of the directory?

To: <owner-openldap-software@OpenLDAP.org>, <openldap-software@OpenLDAP.org>
Subject: RE: How the password stored in SASL db can be related to the userPassword attribute of an entry of the directory?
From: "Howard Chu" <hyc@highlandsun.com>
Date: Thu, 8 Apr 2004 06:34:00 -0700
Importance: Normal
In-reply-to: <INEPJMLEFKHHPAPCECLKEEFBCAAA.giampaolo.rossi@datamat.it>

http://www.openldap.org/doc/admin22/sasl.html

Quoting from the above page, section 10.2.3:

>>>
To use secrets stored in the LDAP directory, place plaintext passwords in the
userPassword attribute. It will be necessary to add an option to slapd.conf
to make sure that passwords changed through LDAP are stored in plaintext:

       password-hash   {CLEARTEXT}

Passwords stored in this way can be managed either with ldappasswd or by
simply modifying the userPassword attribute
<<<

Set the userPassword attribute to the user's password. That's all.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support 

>  -----Original Message-----
> From: 	owner-openldap-software@OpenLDAP.org
[mailto:owner-openldap-software@OpenLDAP.org] 
> Sent:	Thursday, April 08, 2004 5:56 AM
> To:	openldap-software@OpenLDAP.org
> Subject:	How the password stored in SASL db can be related to the
userPassword attribute of an entry of the directory?
> 
> Hello everyone,
> 
> first I would like to say thankyou to Haward Chu because the Replication
problems via digest-md5 are resolved and my system works very well!!
> 
> Now I have a new issue to solve. How can I syncronize both the passwords
stored in the SASL db and in the Berkley db (bdb). I would like to refer to a
unique password for a user. I would like to modify the userpassword of both
the db with ldapmodify. I would like that this modification could be
propagate from the master to the slave via digest-md5 replication. Should I
put some new instruction into ldif file or what else? 
> I tried userPassword: {SASL} in my ldif file but it didn't work.
> Manual says that with cyrus-sasl 2.1 it is possible to store sasl secret in
the ldap directory. But it doesn't say how!
> 
> Again, I need help.
> 
> Anybody know the problem ?
> 
> Many thanks.
> 
> Giampaolo
> 
> 
> 
> _______________________________
> Giampaolo Rossi
> DATAMAT S.p.A.
> Defence Space & Environment Division
> Via Laurentina 760
> 00143   Rome  (Italy)
> Tel.   +39 065027.2571
> Fax.  +39 065027.2125
> 
> http://www.datamat.it
> 
>  
> 
>

<<attachment: winmail.dat>>

Follow-Ups:
- R: How the password stored in SASL db can be related to the userPassword attribute of an entry of the directory?
  - From: "Giampaolo Rossi" <giampaolo.rossi@datamat.it>

References:
- How the password stored in SASL db can be related to the userPassword attribute of an entry of the directory?
  - From: "Giampaolo Rossi" <giampaolo.rossi@datamat.it>

Prev by Date: RE: Replication
Next by Date: Re: Replication
Index(es):
- Chronological
- Thread