Issue #591 has been reported by David Coutadeur. ---------------------------------------- Feature #591: add script example for passwordhk (AES, SSHA) http://tools.lsc-project.org/issues/591
Author: David Coutadeur Status: New Priority: Normal Assigned to: David Coutadeur Category: Administration Target version: trunk Synchronization to Active Directory referentials sometimes implies password synchronization issues. In order to push a password to Active Directory, you must have it in cleartext mode. This is a security weakness, and the solution is to encrypt the password with a 2-way cipher algorithm, for example using LSC AES cipher capabilities. Sometimes, it is also a good idea to get the windows password changes back to the source directory. This can be done with the password filter hook. This component needs a script in order to achieve the password change. This script (in perl for example) would do the following : - compute AES password given the cleartext one (warning : in the same way as LSC do !), - compute SSHA password given the cleartext one, - push these passwords to a given ldap directory. (in the user entry specified by the sAMAccountName) -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-dev mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-dev
