[Date Prev][Date Next] [Chronological] [Thread] [Top]




I found Quanah’s response to a post (http://www.openldap.org/lists/openldap-devel/201411/msg00012.html), which brought up a question(s).


1)      I have the olcModule pw-sha2.la loaded in “cn=module{0},cn=config”

2)      Looking at Quanahs reply, in the link above, he states:

now, if you want to make something like say, SHA512 the default, then you need to modify the frontend config db:



dn: olcDatabase={-1},cn=config

changetype: modify

replace: olcPasswordHash

olcPasswordHash: {SSHA512}


Now, if I add, something like the above, and the current olcRootPW attribute shows {SSHA}, is that going to modify current password hashes or only going forward?


I tried the above, on cn=config, but received the following error

“According to the schema attribute olcPasswordHash is not allowed”


Thanks in advance,



John D. Borresen (Dave)

Linux/Unix Systems Administrator

MIT  Lincoln Laboratory

Email: john.borresen@ll.mit.edu


Attachment: smime.p7s
Description: S/MIME cryptographic signature