[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: password hashes and simple binds

Dieter Klünter wrote:
Am Sat, 23 Nov 2013 13:24:56 +0100
schrieb Michael Ströder <michael@stroeder.com>:

Dieter Klünter wrote:
I have a ldap server (2.4.36) with various password hashes
{CLEARTEXT} {KERBEROS} {SSHA} for different users, there is no
pasword-hash declaration in slapd.conf. Now i face a strange
behaviour with {CLEARTEXT} hash. that is:
userPassword: {CLEARTEXT} secret
I'd try to remove this extra space. Not sure though.

Just to demonstrate the various hash scheme {CLEARTEXT} results:


CLEARTEXT is not an actual hash scheme. It's only handled by the SASL code. For Simple Binds, a cleartext password must not have any scheme specifier at all.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/