[Date Prev][Date Next] [Chronological] [Thread] [Top]

Multiple userPassword attributes for one single leaf


I am sorry if it has already covered by I hadn't find any information about my question in ml archive.

I want to be able to offer the possibility to my users to have 2 different userPassword attributes: one for rich application client authentification (the one that already exist actually) and another for authentification from phones.
(I want it easier to enter one's password from a cellular, just like a pin or something ...)

I know userPassword is a multiple attribute field (it has been covered in a previous thread).
But !

On my OpenLdap instance (Debian etch testing, slapd -V gives me : OpenLDAP: slapd 2.2.26 (Oct 31 2005 09:10:53).

let's say I have a userPassword filed values pass1 and another set to pass2 (SHA-2 hash).

I'm only able to get authentificated against one single password, in fact the last edited.
If I set userPassword to pass1 then the other attribute userPassword to pass2, then only authentification with pass2 works. Consequently, if I set pass2 for one userPassword attribute then pass1 for the other userPassword attribute, only authentification with pass1 works.

Is there any configuration I should set to get userPassword authentification against one or the other userPassword ? Did I missed something in the manual or slapd.conf ? (I didn't find something regarding this particular issue).

Thanks in advance,

Best Regards,

Christophe Gravier
Laboratoire DIOM, groupe SATIn - Doctorant
ISTASE - IngÃnieur d'Ãtudes
Perso: http://perso.univ-st-etienne.fr/gravchri/
SATIn: http://www.istase.com/satin
Tel : 04 7748 5034
A mediter: http://www.fsffrance.org/news/article2005-11-25.fr.html