Thank you Timm Korte, you are probably right. Now I'd like to know how to generate the user passwords. If I would like to add a new user to the qmail ldap server, let's say user "george" with his password being "somepassword" and all other information remaining the same as in the file aaron14.ldif (see the previous email's attachment), what would my new george.ldif look like (emphasis on the userPassword attribute)? Finally, how can I generate the userPassword hash to copy into the .ldif file of a new user? (Kindly illustrate with actual console commands and outputs.)

Allan Kamau.

-----Original Message-----
From: Timm Korte [mailto:[EMAIL PROTECTED]]
Sent: 21 January 2003 12:26
To: [EMAIL PROTECTED]
Subject: RE: libsasl.so.7: failed error - Now unable to login using pop3

Hi

I think this might rather be a password-hashing problem...
When creating an SSHA password hash, a "salt" is used - which might/should be some attribute of the user - such as the uid.
When copying an SSHA "hash" from user "A" to user "B", user "B" won't be able to log in with user "A"'s password.
When the password attributes are being compared, a new SSHA "hash" is calculated first, using the username "B" as salt. This is then compared to the hash that was calculated using the username "A" in the first place. This compare will fail.

greetings & bye
Timm

> I created a new user entry and used
> userPassword:{SSHA}22onNmlYVY5lUwkx0zkzb+LYODZTLp1Z in the .ldif file. I
> simply substituted all the aaron13 string to aaron14 in the ldif file and
> then loaded the file into ldap.
> Now when I try to login I get the message below.
> Could my ldif file be wrong (I've attached it), kindly see attachment.
>
> [aaron@development aaron]$ telnet localhost 110
> Trying 127.0.0.1...
> Connected to development (127.0.0.1).
> Escape character is '^]'.
> +OK <[EMAIL PROTECTED]>
> user aaron14
> +OK
> pass aaron
> -ERR user record incorrect
> Connection closed by foreign host.
>
>
> Allan Kamau.
>
>
> -----Original Message-----
> From: Claudio Jeker [mailto:[EMAIL PROTECTED]]
> Sent: 21 January 2003 11:01
> To: [EMAIL PROTECTED]
> Subject: Re: libsasl.so.7: failed error
>
> On Tue, Jan 21, 2003 at 01:51:28AM -0500, Speedfreak wrote:
> > On January 21, 2003 12:59 am, Kamau Allan wrote:
> > > And my aaron13.ldif which I used in creating the user's entry into
> > > openLDAP is as follows.
> > >
> > > dn:uid=aaron13,dc=arril,dc=net
> > > userPassword:aaron
> >
> > I don't think "userPassword:aaron" will work unless you have
> > -DCLEARTEXTPASSWORD enabled in the Makefile. Try setting
> > "userPassword:{SSHA}22onNmlYVY5lUwkx0zkzb+LYODZTLp1Z" (ie. sha hash
> > of the string 'aaron') instead. You can get the hash using
> > slappasswd with OpenLDAP.
> >
>
> Another problem is that the uid is aaron13 and the uid is used for the
> auth_* lookup in ldap not the mail address.
>
> --
> :wq Claudio
