Siddharth Jain wrote:
> If yes, where can I find documentation on how to use/enable it?
It has never been implemented. The use of {SCHEME} prefixes in userPassword
seems to have
obviated any need for it.
>
> https://tools.ietf.org/html/rfc3112
>
> The userPassword attribute type [RFC2256
> <https://tools.ietf.org/html/rfc2256>] is intended to be used to
> support the LDAP [RFC2251 <https://tools.ietf.org/html/rfc2251>] "simple"
> bind operation. However, values
> of userPassword must be clear text passwords. It is often desirable
> to store values derived from the user's password(s) instead of actual
> passwords.
>
> The authPassword attribute type is intended to be used to store
> information used to implement simple password based authentication.
>
>
> RFC 3112 - LDAP Authentication Password Schema
> <https://tools.ietf.org/html/rfc3112>
> RFC 3112 LDAP Authentication Password Schema May 2001 hash
> algorithm/implementation is flawed), the hashing of passwords is intended to
> be as an additional
> layer of protection. It is RECOMMENDED that hashed values be protected as if
> they were clear text passwords. This attribute may be used in conjunction with
> server side password generation mechanisms (such as the LDAP Password Modify
> ...
> tools.ietf.org
>
>
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
