Hi Wei, User password are binary attributes. Try to decode it (base64) ...
Regards, Le 20 nov. 2014 01:33, "W. Ho" <[email protected]> a écrit : > Hi, > > I actually followed the reference link. However, one part is not clear to > me perhaps you can clarify: > > The userPassword was in hashed format, i.e. userPassword: > e1NBU0x9d2hvQGJvYXJkdmFudGFnZS5uZXQ=, when I ran ldapsearch command, not { > SASL}[email protected]. When I use Apache Directory Studio it shows me > userPassword is "SASL hashed password". > > Does it make any difference? > > Thanks, > > ------------------------------ > Date: Wed, 19 Nov 2014 21:58:37 +0100 > Subject: Re: [lsc-users] LSC Password Issue > From: [email protected] > To: [email protected] > CC: [email protected] > > > > 2014-11-19 20:44 GMT+01:00 W. Ho <[email protected]>: > > Hi List, > > > Hi, > > > > I am setting up LSC to sync AD to OpenLDAP. Everything looks fine except > the password does not work. > > The backgrounds: > > Source: Windows 2008 R2 Active Directory, 64-bit > Destination: OpenLDAP: 2.4.23, 64-bit running on CentOS 6.5, 64-bit > LSC: 2.1.1 > JDK: Oracle/Sun 1.7.0_71 > Password: Use AD as the main password store, configure the OpenLDAP > directory server to redirect authentications there, via SASL and LDAP binds > per instructions > > The CentOS is configured to allow SSH login only. After sync OpenLDAP > with AD, I got all users' information with userPassword of SASL format. I > can login to CentOS system with SSH key but not with password. Running > sudo also failed because the password is not recognized. When I run "su -" > command the system asks me twice, see below, for root password before I can > su to root. > > I have provided the following information for your reference. Could > someone please take a look and let me know what I have done incorrectly? > > > > Seems the LSC part is good if you have the SASL password in OpenLDAP. > > You can check this doc to see if your SASL configuration is ok: > http://ltb-project.org/wiki/documentation/general/sasl_delegation > > But as your problem seems not related to LSC, you should try to get help > on OpenLDAP mailing list for example. > > > > Clément. > > _______________________________________________________________ > Ldap Synchronization Connector (LSC) - http://lsc-project.org > > lsc-users mailing list > [email protected] > http://lists.lsc-project.org/listinfo/lsc-users > >
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
