[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: capture password



Howard Chu wrote:
> ClÃment OUDOT wrote:
>> 2014-07-04 14:57 GMT+02:00 RogÃrio Augusto Rondini
>> <rarondini.paradygma@gmail.com <mailto:rarondini.paradygma@gmail.com>>:
>>
>>     Hi folks,
>>
>>     I need to implement password sync between AD and OpenLDAP using an IDM
>> tool.
>>
>>     I want to know how to capture clear text password in OpenLDAP before
>>     encryption so that I can sync with AD and potentially with others user
>>     repositories.
> 
> There is also Microsoft's SSO plugin. Discussed it briefly here
> http://www.openldap.org/lists/openldap-devel/200811/msg00045.html

Isn't that the other way round?

The original poster wrote:
"I want to know how to capture clear text password in OpenLDAP"

So pointing to e.g. slapo-smbk5pwd source would be the right, wouldn't it?

> It's been several years since I last looked at this. I just pulled down the
> Unix source code again today, it appears to only support IPv4 as it uses 32
> bit IP addresses when generating the session keys for its exchange.

If you need AD->LDAP direction IIRC the Windows part of 389's DC password
interceptor is also open source.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature