[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How to set default password encryption?



OpenLDAP should always be able to deal with a "password given in clear text" if it is stored in the userPassword attribute. I'm not sure what you're asking for here, but that statement is true whether you mean "I want to store in clear text in the directory" (which seems like an awful idea, but who am I to judge) or "I want to transmit in clear text over the network" (which seems like an awful idea, but who am I to judge) or both (which seems like two awful ideas, but who am I to judge).

Note that to store in cleartext, you should not specify any {SCHEME} prefix to the userPassword. Transmitting over the network in the clear should be simpler (a default OpenLDAP config will allow this).

On Tue, 23 Oct 2007, Matthias Bourillon wrote:

I could read that default password encryption could be set in OpenLDAP so
that LDAP can deal with it even if the password is given in clear text.
Where can this be set up?