On Mon, Sep 03, 2012 at 10:28:06AM +0200, Helga Mayer wrote:
[...]
> >user name jhondoe
> >password 12345678
> >
> >but when user authenticate 12345678__-- authenticate again.
> >
> >but when users enter a12345678 can't authenticate
> The first 8 characters matter. This looks like a problem of the backend.
> Though I have never heard that openldap restricts the password to 8
> characters.
> To my experience solaris does.
Is it possible that LDAP contains DES ({crypt}) encrypted password? Then
only the first 8 characters of the password counts, AFAIK. It's the
limitation of the choosen password hash algorithm, one should select another
one (also recommended because of the weakness of DES nowdays). IMHO.
