Hi Joe,

I'm not really an IPA guy, but IPA uses 389 directory server as its backend. You would need to convert the your DB entries to LDAP entries, but 389 supports your password type, so it should not be a problem if you copy & paste the password hashes. LDAP expects the password to be something like:


 userpassword: {SSHA}cchzM+LrPCvbZdthOC8e62d4h7a4CfoNvl6d/w==

Mark

On 06/24/2012 02:30 PM, Joe Linoff wrote:

Hi Everybody:

We have a legacy web based application (CakePHP) that stores user data in a DB and I would like to transfer that information to a FreeIPA Identity Management Server without requiring the users to re-enter their passwords (if possible).

How would I do that?

I know that the DB stores the password as a SHA-1 hash with a salt. I was hoping that there was a way for the administrator to directly copy the SHA-1 password hash from the DB into the Free-IPA LDAP for the user but I don't even know if that is a reasonable expectation.

Any help would be greatly appreciated.

Thanks,

Joe



_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

--
Mark Reynolds
Senior Software Engineer
Red Hat, Inc
mreyno...@redhat.com

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to