[Date Prev][Date Next]
RE: authentification issue with clear text password
I use the compare tool just for testing
The problem is when I try to login to my Cisco router (using ldap) I got compare false error message.
After that I tested the same password with this tool and I got the same result.
If I give the same password what i used to login why not working ? Ok is different encryption - how can I change it ?
PS: I need to have the compare function working with clear text password - if not working with the own ldap compare tool I can't expect that will work with the router.
From: openldap-technical-bounces@OpenLDAP.org [mailto:openldap-technical-bounces@OpenLDAP.org] On Behalf Of Hallvard B Furuseth
Sent: Wednesday, February 15, 2012 4:19 PM
To: Szilard Gyorgy
Subject: Re: authentification issue with clear text password
On Wed, 15 Feb 2012 13:38:17 +0200, "Szilard Gyorgy"
> ldapcompare -D "uid=testuser,ou=Users,dc=domain,dc=net" -w test
> "uid=testuser,ou=Users,dc=domain,dc=net" -v userPassword:test
Why are you using compare at all? The server already checked the password when it accepted your Bind with -D and -w <password>.
I don't think there's an ldap tool which does nothing but Bind, so you have to ask it to do something afterwards but it doesn't really matter what. In such cases I usually use ldapwhoami:
ldapwhoami -x -D "uid=testuser,ou=Users,dc=domain,dc=net" -w test
The -x disables SASL, which you do not use or want with -D/-w.
SASL is on by default if you have compiled in support for it.
BTW, maybe you want to use -y <file> for the password instead.
Note that the file contents must NOT end with a newline, unless the newline is part of the password.