[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Migrated users cannot bind - HELP!

To: "Matt Stone" <matt@cse-corp.com>
Subject: RE: Migrated users cannot bind - HELP!
From: "Samuel Tran" <stran@amnh.org>
Date: Sun, 16 Jan 2005 15:51:20 -0500 (EST)
Cc: stran@amnh.org, openldap-software@OpenLDAP.org
Importance: Normal
User-agent: SquirrelMail/1.4.2

I tried your LDIF file with my OpenLDAP 2.2.20 on a Debian Linux box.

As you said the password for gadmin doe not work.

In your LDIF file you can specify your userPassword in two different ways:

1) prefix the hash value with the name of the hash algorithm in braces:
userPassword: {CRYPT}5RpLGC8nBNlhw

2) or use the base64 encoded version of your hashed password:
userPassword:: e0NSWVBUfW9MUEZRYxIREA==

When I do an ldapsearch on uid=mstone the ouput for userPassword is:
UserPAssword:: e0NSWVBUfTVScExHQzhuQk5saHc=

I base64 decoded e0NSWVBUfTVScExHQzhuQk5saHc=, the ouput is:
{CRYPT}5RpLGC8nBNlhw

But if I base64 decoded e0NSWVBUfW9MUEZRYxIREA== (password for gadmin),
the output is:
{CRYPT}oLPFQc

It looks like Aphelion does not use the same crypt mechanism.
Could you try to get more information on how it encrypt the passwords?

Sam


> Sam,
>
> I tried the version of LDAP you suggested and I'm experiencing the same
> issue.
>
> I've attached an LDIF that contains the 2 users I'm testing with.  Would
> you
> please try it for yourself?
>
> Binding as uid=mstone,ou=people,dc=example works
>
> Binding as uid=gadmin,ou=people,dc=example does NOT work.
>
> Both of these users have there password set to: Loser@123
>
> Again, the difference is gadmin had is password set by Aphelion.  Mstone
> had
> his password set on the OpenLDAP server.
>
> I really appreciate your help.
>
> Matt
>
> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org] On Behalf Of Samuel Tran
> Sent: Sunday, January 16, 2005 12:54 AM
> To: Matt Stone
> Cc: openldap-software@OpenLDAP.org
> Subject: RE: Migrated users cannot bind - HELP!
>
> Matt,
>
> I am not familiar with openLDAP on Windows platform at all.
>
> Please check this link:
> http://lucas.bergmans.us/hacks/openldap/
>
> Lucas built OpenLDAP 2.2.19 with OpenSSL 0.9.7e.
>
> Please install his package it may solve your problem.
>
> Sam
>
>
>> Hey Sam,
>>
>> Thanks for the speedy response!
>>
>>> Hi Matt,
>>>
>>> What flavor of UNIX/Linux are you using?
>>
>> I'm actually running on a Windows box using Cygwin.
>>
>>> What version of OpenLDAP are you using?
>>
>> OpenLDAP 2.2.17-2.
>>
>>>%

Follow-Ups:
- RE: Migrated users cannot bind - HELP!
  - From: "Matt Stone" <matt@cse-corp.com>

Prev by Date: RE: Migrated users cannot bind - HELP!
Next by Date: Solved: index_param failed
Index(es):
- Chronological
- Thread