https://bugs.openldap.org/show_bug.cgi?id=7933
--- Comment #7 from Quanah Gibson-Mount <[email protected]> --- (In reply to nilskemail+github from comment #6) > Could this be the reason why I get `attribute 'olcPasswordHash' not allowed` > when trying to apply an .ldif file such as: > > dn: olcDatabase={-1}frontend,cn=config > changetype: modify > add: olcPasswordHash > olcPasswordHash: {CRYPT} > > This has popped up in Fedora > (https://bugzilla.redhat.com/show_bug.cgi?id=2061966) which seem to have > copied the respective default frontend config file before this patch (see > https://src.fedoraproject.org/rpms/openldap/blob/f37/f/slapd.ldif#_105). I'd open a bug with redhat as to why they're doing this at all. {CRYPT} hashes are not portable. If they want to support secure hashes, they should use the ARGON2 module. You also fail to state what version of OpenLDAP you're reporting against. This bug was fixed in 2014, so unless RH is using an absolutely ancient version of OpenLDAP, this would not be related. You probably should describe the issue(s) you are encountering in a post to the openldap-technical email list (https://lists.openldap.org) -- You are receiving this mail because: You are on the CC list for the issue.
