Le Wed, 20 Mar 2013 15:02:15 +0100, [email protected] a écrit : > Hello, > I have a problem with password encryption > There is at my work have an already in production ldap directory. The > userPassword is encrypted in {SSHA}. I am not planning to introduce > some modifications into this directory, but need the password to > create Kerberos Principal. > > Is there a possibility to achieve this goal ?
We had the same confuguration as yours and we didn't want to hack every password in the LDAP. What we did was simply change our "change password" application so it can intercept the user's password, then create the kerberos principal associated with this user, and then update the LDAP password. With this set we simply asked every one to change his password, this time allowing users to set their old password. -- Jean-Christophe Gay -- Université Paris Dauphine Responsable de la Sécurité des Systèmes d'Information Tel : 01 44 05 45 04 [email protected] ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
