--On Tuesday, December 15, 2009 12:28 PM +0000 "J. Landamore"
<[email protected]> wrote:
Sorry to butt in on this, but how do you let the OpenLDAP server use its
default encryption? Since 2.4 whatever I have done stores the
userPassword attribute in clear text when using passwd(1) from our Linux
or Solaris boxes. ldappasswd states that is not a replacement for
passwd(1), what I'd like is to return to the state in OpenLDAP-2.2 and
previous where the passwords were stored encrypted in some fashion.
I've been banging my head about this for 3 months so any pointers would be
very much appreciated.
If you have questions, please keep them on the list. Thanks.
<http://www.openldap.org/software/man.cgi?query=slapd.conf&apropos=0&sektion=0&manpath=OpenLDAP+2.4-Release&format=html>
password-hash <hash> [<hash>...]
This option configures one or more hashes to be used in
generation of user passwords stored in the userPassword
attribute during processing of LDAP Password Modify Extended
Operations (RFC 3062). The <hash> must be one of {SSHA}, {SHA},
{SMD5}, {MD5}, {CRYPT}, and {CLEARTEXT}. The default is {SSHA}.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
