On Thu, Sep 21, 2017 at 4:29 PM, Howard Chu <[email protected]> wrote: > Nikos Voutsinas wrote: > >> Hello, >> >> We need for a specific database (olcDatabase) to force an SHA password >> hash, while keeping the default hashing scheme for the rest of them (the >> SSHA). However it seems that olcPasswordHash is not allowed with-in an >> olcDatabase object. >> >> What's the suggested method to overwrite the default password hash for a >> specific db? >> > > Not currently supported. You're welcome to submit a patch to implement > this. In the meantime, you can run a separate slapd instance, and tie it > back in to the first slapd using back-ldap. > > Overall it's probably a bad idea though. If you have anything outside of > slapd depending on the specific password hash mechanism, you're doing > something wrong. >
Agree, however it is not my choice. It seems that Google's G Suite and Google Apps Password Sync is wrong.
