sergio wrote: >> I don't see any justification in the file for doing so, but the RFC >> says any value MAY be encoded. I think Michael's advice is very >> prudent. > > MAY be encoded, yes. This means that ldapsearch or slapcat can output > all values base-64 encoded. But it's very inconvenient. When > userPassword is a link to another authenticator base-64 encoding is also > inconvenient.
*Ignorance* is inconvenient. What does any of this have to do with pass-through authentication? When slapd handles an authentication it uses the binary value. base64 has nothing to do with it. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
