2014-07-23 16:50 GMT+02:00 Elie David <[email protected]>: > Hello, > > i'm having a little problem, i hope you'll help me sorting it out. > so the thing is that i would like to sync my openldap base to an > active directory one but the problem is the userPassword attribute in > OpenLDAP that has to be in clear text in order to have it right on the > other (Active Directory). i can't have that attribute in clear text > for security reasons. so is there any way to bypass that? >
You need to store the password with a symmetric encryption in an another attribute, and decrypt it on the fly when doing the sync. See http://lsc-project.org/wiki/documentation/latest/configuration/syncoptions/security#symmetric_encryption Clément.
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
