Good day,
It might be easiest just to write a script that checks all of your users'
password fields and alters all of the {CRYPT} entries to {crypt} so that
auth_pop likes them. This will eliminate the need to try experimental
patches.
Also, you may want to try to use rebinding for authentication, which puts
the onus on the ldap server. I am not sure if Openldap has a case
preference either, although I have always used {CRYPT} in uppercase.
- Darren -
----- Original Message -----
From: Mike Lichtenwalner <[EMAIL PROTECTED]>
To: qmail-ldap <[EMAIL PROTECTED]>
Sent: Tuesday, April 16, 2002 11:41 AM
Subject: crypt vs CRYPT
We are currently running qmail authenticating against OpenLDAP using
nsswitch (not qmail-ldap). It's time to replace the hardware so I thought I
would upgrade to qmail-ldap at the same time.
The new hardware is running qmail, qmail-ldap (20011001a), OpenLDAP (2.x),
Courier-IMAP, and SqWebMail. All is well except for auth_pop authenticating
users against LDAP (all users have a full system account - no virtual
users).
The passwords are all in crypt format but some of them begin with {crypt}
and others begin with {CRYPT}. The capitalized version is not authenticated
by auth_pop. In an archived message dated November 25, 2001, this comment
was made: "In qmail-ldap crypt passwords start with {crypt} and not
uppercase. Probably we should make those checks caseless."
I would really like to have this change. I'm not a programmer, but could
somebody give me some basic instructions on how to make this change or how
to work around this problem. (I would prefer not changing encryption
methods at this time.)
Thanks!
Mike
_______________________________
Mike Lichtenwalner
Technology Specialist
Manheim Township School District
Lancaster, PA
