[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapsearch -w "password" only check first 8 words ?

To: "open >> \"openldap-technical@openldap.org\"" <openldap-technical@openldap.org>
Subject: Re: ldapsearch -w "password" only check first 8 words ?
From: Zdenek Styblik <stybla@turnovfree.net>
Date: Wed, 09 Jun 2010 07:05:53 +0200
In-reply-to: <297486.50844.qm@web73404.mail.tp2.yahoo.com>
Openpgp: url=http://stinkfoot.org:11371/pks/lookup?op=index&search=Styblik
Organization: OS TurnovFree.net
References: <297486.50844.qm@web73404.mail.tp2.yahoo.com>
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.9) Gecko/20100401 Thunderbird/3.0.4

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 06/09/10 03:50, shyuejyh.tw wrote:
> Hi Everyone:
> i have a question , how can i change ldapsearch command to check password more than 8 words?
>
> my openldap is 2.4.11 (Debian/Lenny)
>
> when i use freeradius 2.0.4 to authentication a account,
> my password is  12345678 , than i type 123456789 ,  Pass .....
>
> this is radius's log:
> rlm_ldap: login attempt by "amo" with password "123456789"
> rlm_ldap: user DN: uid=amo,dc=hello,dc=com
> rlm_ldap: (re)connect to 127.0.0.1:389, authentication 1
> rlm_ldap: bind as uid=amo,dc=hello,dc=com/123456789
> rlm_ldap: waiting for bind result ...
> rlm_ldap: Bind was successful
> rlm_ldap: user amo authenticated succesfully
> ++[ldap] returns ok
>
>
> than i try use  ldapsearch search a user (still use password 123456789)
>
> ldapsearch  -x -b "dc=hello,dc=com" -D "uid=amo,dc=hello,dc=com" -W -h localhost -LLL uid=jojo
> Enter LDAP Password:
> pass than find user information.
>
> dn: uid=jojo,dc=hello,dc=com
> shadowLastChange: 123123
> loginShell: /bin/csh
> gidNumber: 102
> homeDirectory: /home/jojo
> uidNumber: 1002
>
> i guess ldapsearch command just check first 8 words, is this a bug or change something can fix it ?
>
> thanks a lot
>
>
>

hello,

isn't it because you're using CRYPT for password hash?

Regards,
Zdenek

- -- 
Zdenek Styblik
Net/Linux admin
OS TurnovFree.net
email: stybla@turnovfree.net
jabber: stybla@jabber.turnovfree.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkwPITEACgkQ8MreUbSH7im5GQCgqsXKP00+DbvGTLN8wXrozFNS
2D8Anj5GWoyIjz/CjxyI6Q13hs+pSesF
=YmdQ
-----END PGP SIGNATURE-----

References:
- ldapsearch -w "password" only check first 8 words ?
  - From: "shyuejyh.tw" <shyuejyh.tw@yahoo.com.tw>

Prev by Date: ldapsearch -w "password" only check first 8 words ?
Next by Date: Re: could not config n-way multi-master because insufficient access
Index(es):
- Chronological
- Thread