[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: unicodePwd

Jean-Marc Choulet wrote:
> I want to convert my client (ADSI and C++) for use OpenLDAP. I know I must
> encode the unicodePwd. With ADSI, Miscrosoft give me some functions to do
> that. How can I do same things from OpenLDAP ?

The best way of setting a password is to use the LDAP Password Modify Extended
Operation as described in RFC 3062 and let the server generate the password hash:


The second way is to send a modify request for replacing password with a
client-side hashed userPassword value.

An (incomplete) attempt to describe the variants was made here:

Some more information here:

Some server implementations are capable of auto-hashing clear-text
userPassword values at the server-side, e.g. OpenLDAP with slapo-ppolicy and
config directive ppolicy_hash_cleartext. But that depends on server configuration.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature