Re: change password for user

2009-03-09 Thread Michael Ströder
Zhang Huangbin wrote:
> Michael Ströder wrote:
>> Yes. Other LDAP servers might have a different configuration. Also some
>> servers set other password attributes as well (e.g. the smbk5pwd overlay
>> for OpenLDAP sets Samba password attributes and the Kerberos keys for a
>> Heimdal KDC).
>
> How can I set DEFAULT password-hash in slapd.conf? such as MD5 or whatever.

That's more a question for the openldap-software mailing list. Since you
already found the password-hash parameter you could simply use it:

password-hash   {SSHA}

Ciao, Michael.

--
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
___
Python-LDAP-dev mailing list
Python-LDAP-dev@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/python-ldap-dev


Re: change password for user

2009-03-08 Thread Michael Ströder
Jan-Frode Myklebust wrote:
> I have a script that tries to sync a user database with
> plaintext username/password in MySQL, to a CentOS Directory
> Server. Currently I've been pushing the passwords into the
> directory by first creating the SSHA1 hash in Python and
> storing '{SSHA}' + encode-string in the password field.
>
> But, it occurred to me that I'm not fully sure what I'm doing
> when creating the SSHA1 hash,

If the password is usable afterwards there's nothing wrong with
client-side password hashing. The salt should be at least 4 bytes long.

> so it would be nice to have
> the directory server do the hashing instead. I've found the
> method:
>
>   passwd_s(user, oldpw, newpw, [serverctrls=None, [clientctrls=None]])
>
> but is there any way to use that when I don't know the plaintext
> 'oldpw'?

Simply use None for oldpw.

Ciao, Michael.
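
Added example, not part of the original thread: a sketch of the client-side hashing discussed above, assuming the usual '{SSHA}' layout of base64(SHA-1(password + salt) followed by the salt). The function names, the 8-byte default salt and the sample password are choices made for this example.

```python
import base64
import hashlib
import hmac
import os

SHA1_LEN = 20      # bytes in a SHA-1 digest
MIN_SALT_LEN = 4   # lower bound for the salt given in the thread


def make_ssha(password, salt=None, salt_len=8):
    """Build a '{SSHA}' value: base64(SHA1(password + salt) + salt)."""
    if salt is None:
        salt = os.urandom(salt_len)   # fresh random salt per password
    if len(salt) < MIN_SALT_LEN:
        raise ValueError("salt must be at least %d bytes" % MIN_SALT_LEN)
    digest = hashlib.sha1(password + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def check_ssha(password, stored):
    """Recompute the hash with the salt embedded in 'stored' and compare."""
    if not stored.upper().startswith("{SSHA}"):
        raise ValueError("not an {SSHA} value")
    raw = base64.b64decode(stored[len("{SSHA}"):], validate=True)
    if len(raw) <= SHA1_LEN:
        raise ValueError("no salt after the digest")
    digest, salt = raw[:SHA1_LEN], raw[SHA1_LEN:]
    candidate = hashlib.sha1(password + salt).digest()
    return hmac.compare_digest(candidate, digest)  # constant-time compare


if __name__ == "__main__":
    pw = b"example-password"          # constructed sample input
    value = make_ssha(pw)
    print(value)                      # differs on every run (random salt)
    print(check_ssha(pw, value), check_ssha(b"wrong", value))
```

Checking a freshly generated value with check_ssha before writing it to the directory is a quick way to confirm the "password is usable afterwards" condition from the reply.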



change password for user

2009-03-07 Thread Jan-Frode Myklebust
I have a script that tries to sync a user database with
plaintext username/password in MySQL, to a CentOS Directory
Server. Currently I've been pushing the passwords into the
directory by first creating the SSHA1 hash in Python and
storing '{SSHA}' + encode-string in the password field.

But, it occurred to me that I'm not fully sure what I'm doing
when creating the SSHA1 hash, so it would be nice to have
the directory server do the hashing instead. I've found the
method:

passwd_s(user, oldpw, newpw, [serverctrls=None, [clientctrls=None]])

but is there any way to use that when I don't know the plaintext
'oldpw'?


  -jf

