[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Password encryption for changing passwords

Kick, Claus writes:
> This is in slapd.conf:
> password-hash {CRYPT}
> password-crypt-salt-format      "$1$%.8s"
> The passwords are changed via ldapmodify of the Net::LDAP perl module.
> The changes work, however, the new passwords are unencrypted, at least
> the infamous ldap browser tells me that.
> Honestly, I have no idea where else to look. Could someone provide a
> pointer into the right direction?

Try the slapd.conf manpage:

password-hash <hash> [<hash>...]
    This option configures one or more hashes to be used in generation
    of user passwords stored in the userPassword attribute during
    processing of LDAP Password Modify Extended Operations (RFC 3062).
    Note that this option does not alter the normal user applications
    handling of userPassword during LDAP Add, Modify, or other LDAP