-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/09/10 03:50, shyuejyh.tw wrote: > Hi Everyone: > i have a question , how can i change ldapsearch command to check password > more than 8 words? > > my openldap is 2.4.11 (Debian/Lenny) > > when i use freeradius 2.0.4 to authentication a account, > my password is 12345678 , than i type 123456789 , Pass ..... > > this is radius's log: > rlm_ldap: login attempt by "amo" with password "123456789" > rlm_ldap: user DN: uid=amo,dc=hello,dc=com > rlm_ldap: (re)connect to 127.0.0.1:389, authentication 1 > rlm_ldap: bind as uid=amo,dc=hello,dc=com/123456789 > rlm_ldap: waiting for bind result ... > rlm_ldap: Bind was successful > rlm_ldap: user amo authenticated succesfully > ++[ldap] returns ok > > > than i try use ldapsearch search a user (still use password 123456789) > > ldapsearch -x -b "dc=hello,dc=com" -D "uid=amo,dc=hello,dc=com" -W -h > localhost -LLL uid=jojo > Enter LDAP Password: > pass than find user information. > > dn: uid=jojo,dc=hello,dc=com > shadowLastChange: 123123 > loginShell: /bin/csh > gidNumber: 102 > homeDirectory: /home/jojo > uidNumber: 1002 > > i guess ldapsearch command just check first 8 words, is this a bug or change > something can fix it ? > > thanks a lot > > >
hello, isn't it because you're using CRYPT for password hash? Regards, Zdenek - -- Zdenek Styblik Net/Linux admin OS TurnovFree.net email: [email protected] jabber: [email protected] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwPITEACgkQ8MreUbSH7im5GQCgqsXKP00+DbvGTLN8wXrozFNS 2D8Anj5GWoyIjz/CjxyI6Q13hs+pSesF =YmdQ -----END PGP SIGNATURE-----
