Jonathan Clarke wrote: > On 06/12/09 00:12, Alex Naranjo wrote: >> Hi: >> My problem is the following i need to store user password in an openldap >> server but the user password can not be encrypted. I know that openldap >> use hashing algothitm to store this attribute and that i can use clear >> text, but i want to store user password using a reversible algorithm not >> clear text. >> The Active directory accounts has an option (Store Password using >> Reversible Encryption) that permit this. Is there any option like this >> in an openldap server? > > There is nothing built-in to OpenLDAP to do this automatically. > > However, you can very easily use any attribute to store this, and store > an encrypted value of the password in it, using whatever front-end you > use to update passwords.
I think the original poster should tell us how the password are to be set and used. > Alternatively, you could write or adapt an overlay to do this > automatically. Yes. But the big question is which key to use and how this key is secured. Ciao, Michael.
