[Date Prev][Date Next] [Chronological] [Thread] [Top]

problem with cleartext password setup

To: openldap-software@openldap.org
Subject: problem with cleartext password setup
From: Pat Riehecky <prieheck@iwu.edu>
Date: Tue, 05 Feb 2008 13:14:35 -0600
Organization: Illinois Wesleyan University

My reading the archives has lead me to believe that DIGEST-MD5 will
require me to store passwords in cleartext.  To evaluate the usefulness
of this at my site (little point in storing them cleartext if nothing
can use DIGEST-MD5) I have setup a test server, but the password keeps
getting hashed

I have added password-hash {CLEARTEXT} to my slapd.conf  (which gave me
password-hash {CLEARTEXT},{SSHA},{SMD5},{CRYPT}).  That didn't do it, so
I went for just password-hash {CLEARTEXT}.  That also keeps getting my
passwords hashed.

Strangely they are not prefixed with the {HASHTYPE}.

When I run
ldappasswd -H ldapi:/// -D "cn=testuser,dc=iwu,dc=edu" -w Please -x -s
please

In LDAP I get

userPassword:: cGxlYXNl

I have the ppolicy overlay in place, but the behavior remains even when
it is removed.

The password is changing, but a log level of -1 isn't showing me why
this is getting hashed.

OpenLdap 2.4.7 on Debian Sid.

What did I do?
Pat

Follow-Ups:
- Re: problem with cleartext password setup
  - From: Quanah Gibson-Mount <quanah@zimbra.com>
- Re: problem with cleartext password setup
  - From: Karsten KÃnne <kuenne@rentec.com>

Prev by Date: Re: issues with proxycache overlay
Next by Date: Re: Multiple passwords
Index(es):
- Chronological
- Thread