Thansk MIchael 2012/4/4 Michael Ströder <[email protected]>
> Please post your follow-ups on the mailing list so others can respond and > learn as well. > > Suneet Shah wrote: > > So if create a user and then set the password on an existing user then, > the > > password-hash attribute will work? And I can send the password to > OpenLDAP in > > clear text? > > Yes. > > Also note the other poster's hint about using slapo-ppolicy and > ppolicy_hash_cleartext if you're allowed to configure the server. > > > I am curious - if the client hashes the password, in my case it would be > my > > java program, how will openldap use that hashed password during > authentication? > > > > Wouldnt both (openldap and my java program) need to have the salt used > for > > hashing? And in this case, only my java program would have that salt. > > The salt is part of the userPassword value. > See more information in OpenLDAP's FAQ-O-MATIC: > > http://www.openldap.org/faq/data/cache/419.html > > Ciao, Michael. > >
