> On 9 Dec 2019, at 22:26, Francesc Guasch <fran...@telecos.upc.edu> wrote: > > El 5/12/19 a les 1:38, William Brown ha escrit: >> > >> Because this is salted, you need to provide the same salt to do the match >> here. Your MD5 was unsalted is why the match works, so you'll need to do >> much more work now to do the same "match". >> >> In other words you need to do (in psuedo code) >> >> ... >> >> It should go without saying, but it's a security risk to have userPassword >> as a field readable and to do matches like this, so I strongly encourage you >> to consider updating or modifying the application in question to do binds >> instead :) >> >> Does that help? > > Yes it did ! From now on new users are created with the new format > that is also fully 389-ds compatible. > > I also added a warning on startup for legacy setups and a recommendation > in the docs.
Happy to have helped, if you have further questions please let us know! > > thank you guys > _______________________________________________ > 389-users mailing list -- 389-users@lists.fedoraproject.org > To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org — Sincerely, William Brown Senior Software Engineer, 389 Directory Server SUSE Labs _______________________________________________ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
