2014-07-23 17:19 GMT+02:00 Elie David <[email protected]>:

> Sorry, but I don't know if I get it all right, but should I store my
> password on OpenLDAP using HASH_SHA1, for instance, and my lsc.xml look
> like this:
>
>   <dataset>
>     ....
>      <string>AD.getUnicodePwd(SecurityUtils.decrypt(srcBean.getDatasetFirstValueById("userPassword")))</string>
>      </forceValues>
>     </dataset>
>    </propertiesBasedSyncOptions>
>   </task>
>


You need to store the password in OpenLDAP in another attribute (e.g.
userPasswordEncrypted) with a symmetric crypt method, and then:

  <dataset>
    ....
     <string>AD.getUnicodePwd(SecurityUtils.decrypt(srcBean.getDatasetFirstValueById("userPasswordEncrypted")))</string>
     </forceValues>
    </dataset>
   </propertiesBasedSyncOptions>
  </task>


The best way to do this is to tell OpenLDAP to register the password in
cleartext, then create an LSC task that will crypt this password in SHA in
userPassword, and with symmetric encryption in userPasswordEncrypted (or
whatever you want).


Clément.
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
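
The flow described in the reply above, as an added example that is not part of the original message and is not LSC's code: one cleartext password yields a one-way {SSHA} value for userPassword and a reversible value for userPasswordEncrypted, and only the latter can be turned into AD's unicodePwd. AES-256-GCM, the salted {SSHA} variant of SHA, the function names and the sample password are assumptions made for the illustration; LSC's SecurityUtils and AD.getUnicodePwd are not reproduced here.

```javascript
// Added example, not LSC code. AES-256-GCM and all function names are assumptions.
const nodeCrypto = require('node:crypto');

// One-way value for userPassword: {SSHA} = base64(SHA1(password + salt) + salt).
function ssha(password, salt = nodeCrypto.randomBytes(8)) {
  const digest = nodeCrypto.createHash('sha1').update(password, 'utf8').update(salt).digest();
  return '{SSHA}' + Buffer.concat([digest, salt]).toString('base64');
}

// Reversible value for userPasswordEncrypted: base64(iv | tag | ciphertext).
function encryptForSync(password, key) {
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([cipher.update(password, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), body]).toString('base64');
}

function decryptForSync(stored, key) {
  const raw = Buffer.from(stored, 'base64');
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, raw.subarray(0, 12));
  decipher.setAuthTag(raw.subarray(12, 28));
  // final() throws if the key is wrong or the stored value was modified.
  return Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]).toString('utf8');
}

// Active Directory accepts unicodePwd as the password wrapped in double
// quotes and encoded as UTF-16LE.
function toUnicodePwd(password) {
  return Buffer.from('"' + password + '"', 'utf16le');
}

// Source side: derive both attribute values from the cleartext password.
function buildSourceAttributes(cleartext, key) {
  return { userPassword: ssha(cleartext), userPasswordEncrypted: encryptForSync(cleartext, key) };
}

// Destination side: only the reversible attribute can produce unicodePwd.
function buildAdPassword(entry, key) {
  return toUnicodePwd(decryptForSync(entry.userPasswordEncrypted, key));
}

// Constructed sample values.
const demoKey = nodeCrypto.randomBytes(32);
const demoEntry = buildSourceAttributes('Constructed-Passw0rd!', demoKey);
console.log(demoEntry.userPassword, buildAdPassword(demoEntry, demoKey).toString('hex'));
```

The symmetric key has to be available to the synchronization process but not to LDAP clients that can read userPasswordEncrypted, otherwise the attribute is equivalent to cleartext.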
