Jean-Marc Choulet wrote: > I want to convert my client (ADSI and C++) for use OpenLDAP. I know I must > encode the unicodePwd. With ADSI, Miscrosoft give me some functions to do > that. How can I do same things from OpenLDAP ? The best way of setting a password is to use the LDAP Password Modify Extended Operation as described in RFC 3062 and let the server generate the password hash: http://tools.ietf.org/html/rfc3062 The second way is to send a modify request for replacing password with a client-side hashed userPassword value. An (incomplete) attempt to describe the variants was made here: http://tools.ietf.org/html/draft-stroeder-hashed-userpassword-values Some more information here: http://www.openldap.org/faq/data/cache/419.html Some server implementations are capable of auto-hashing clear-text userPassword values at the server-side, e.g. OpenLDAP with slapo-ppolicy and config directive ppolicy_hash_cleartext. But that depends on server configuration. Ciao, Michael.
Description: S/MIME Cryptographic Signature