[Date Prev][Date Next] [Chronological] [Thread] [Top]

MD5 password issue

Hi all,
  This is my first message to the list.
  The case is, I would like to migrate 500 hundred users/passwords to a LDAP 
directory (since it is more standard).
  The reason why I'm writhing you is because the MD5 hash in other programs 
are different than the MD5 password that I have in OpenLDAP. For example, 
using PHP or MySQL to generate a MD5 hash from a certain string are 
identical, but when I use OpenLDAP to generate the same string the result is 
   I want to migrate my users from MySQL to OpenLDAP, I have the usernames is 
cleartext and the password in MD5 (this is where I got my problem).
  I'm going to give you an example:
  In mysql I have a user with the password 2 (just the number) where the 
resulting md5 hash is: 
c81e728d9d4c2f636f067f89cc14862c (this is the string stored in mysql). 
  However, within ldap the MD5 password is very different.
  I mean. I added a user call md5user with the password 2 (just the number) 
hashed by MySQL. It resulted in: c81e728d9d4c2f636f067f89cc14862c. So my ldif 
file was something like:

dn: cn=md5user,dc=my,dc=example,dc=com
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: md5user
description: MD5USER
userPassword: {MD5}c81e728d9d4c2f636f067f89cc14862c

To test the authentication I am just trying to add a user.., if it returns 
"ldap_bind: Invalid credentials (49)" at least is trying to authenticate, if 
it return "ldap_add: Already exists (68)", the authentication was successful.

The strange thing is that slapcat brings something like:

-- cut here --
cn: md5user
description: MD5USER
userPassword:: e01ENX1jODFlNzI4ZDlkNGMyZjYzNmYwNjdmODljYzE0ODYyYw==
structuralObjectClass: organizationalRole
-- cut here --

Notice that the userPassword is pretty different..,  ldap hashed in someway 
the original password given in the ldif file.