[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: setting up admin password on openldap

> ldapmodify -v -x -f /path-to-ldif -w -D "cn=nsadmin,o=trac"

When you try to modify ldap entry, using ldif file,
how do you add "userPassword" field ?
In ldif file usually hashed password value, e.g. 

if you have password "foobar", hashed {CRYPT} string
will be $1$J/E/qSv7$SQtxGHJ2UTwkQ40qX8WcN/
Now, with some gui tool like GQ or LdapStudio,
you should add prefix {CRYPT} and paste 


into ldap object. This should also work,
if you paste above string with {CRYPT} prefix
(or {MD5} or other, depending how you hashed the password.

Note that with slapcat/slapadd user password should
be additionaly base64 encoded, and AFAIR, 
"userPassword" attribute name should be prepended
with double colon, e.g

perl -MMIME::Base64 -e "print encode_base64('{CRYPT}$1$J/E/qSv7$SQtxGHJ2UTwkQ40qX8WcN/');"

userPassword:: e0NSWVBUfS9FL3FTdjcv

Anyway does authentication work with slapd.conf including 
plain or hashed password?