kent sent the following missive on 12/13/2005 9:42 PM:
Hello, I am trying to get a handle on how to use Perl to compare passwords stored in LDAP that may be encrypted by different means such as MD5, SMD5, CRYPT etc. The passwords are stored in userPassword attribute.
Using LDAP like a database, where you compare password hashes, really isn't the correct way to use it. As a matter of fact, in some LDAP implementations, including Active Directory, you can't even query the userPassword attribute.
To authenticate a user, you find out if you can bind to the LDAP server using that username and password.
To do it in other than clear text, you use LDAP over SSL by connecting to ldaps://
Also, there is a PHP LDAP library. It isn't as robust as perl-ldap by any means, but for authenticating a user it works fine.
