[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Attribute map/substitution



--On Wednesday, September 27, 2017 11:53 AM +0200 Ervin Hegedüs <airween@gmail.com> wrote:

The problem is, that (for example) ntPassword and lmPassword attributes
are doesn't exists (sAMAccountName and objectSid also...).

I thing that the ntPassword is the sambaNTPassword, which is part of the
samba.scheme.

But how can I configure the OpenLDAP to server these attributes?

The larger question is, does it actually need those attributes to function? If so, then you'll need to find schema defining them, add that schema to your OpenLDAP server, and then populate them. It may well not *require* them to be present in the entry (for example, it looks at all of: ntPassword, lmPassword, userPassword). My guess would be that as long as it can access one of those it is fine. However, the fact that it's trying to get a value back for a password shows that the piece of software is poorly written and should be avoided. There's zero reason for it to have read access to a password attribute.

--Quanah


--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>