Re: change password for user

2009-03-09 Thread Michael Ströder
Jan-Frode Myklebust wrote:
> On 2009-03-09, Michael Ströder wrote:
>>> But, it occurred to me that I'm not fully sure what I'm doing
>>> when creating the SSHA1 hash,
>> If the password is usable afterwards there's nothing wrong with
>> client-side password hashing. The salt should be at least 4 b

Re: change password for user

2009-03-09 Thread Jan-Frode Myklebust
On 2009-03-09, Michael Ströder wrote:
> >
> > But, it occurred to me that I'm not fully sure what I'm doing
> > when creating the SSHA1 hash,
>
> If the password is usable afterwards there's nothing wrong with
> client-side password hashing. The salt should be at least 4 bytes long.
Still, I'm un

Re: change password for user

2009-03-09 Thread Michael Ströder
Zhang Huangbin wrote:
> Michael Ströder wrote:
>> Yes. Other LDAP servers might have a different configuration. Also some
>> servers set other password attributes as well (e.g. the smbk5pwd overlay
>> for OpenLDAP sets Samba password attributes and the Kerberos keys for a
>> heimdal KDC).
>
> How

Re: change password for user

2009-03-09 Thread Zhang Huangbin
Michael Ströder wrote:
> Yes. Other LDAP servers might have a different configuration. Also some
> servers set other password attributes as well (e.g. the smbk5pwd overlay
> for OpenLDAP sets Samba password attributes and the Kerberos keys for a
> heimdal KDC).
>
> Ciao, Michael.
>
>
Thanks Mic

Re: change password for user

2009-03-09 Thread Michael Ströder
Zhang Huangbin wrote:
> Michael Ströder wrote:
>>> so it would be nice to have
>>> the directory server do the hashing instead. I've found the
>>> method:
>>>
>>> passwd_s(user, oldpw, newpw, [serverctrls=None, [clientctrls=None]])
>>>
>>> but is there any way to use that when I don't know the

Re: change password for user

2009-03-08 Thread Zhang Huangbin
Michael Ströder wrote:
>> so it would be nice to have
>> the directory server do the hashing instead. I've found the
>> method:
>>
>> passwd_s(user, oldpw, newpw, [serverctrls=None, [clientctrls=None]])
>>
>> but is there any way to use that when I don't know the plaintext
>> 'oldpw' ?
>>

Re: change password for user

2009-03-08 Thread Michael Ströder
Jan-Frode Myklebust wrote:
> I have a script that tries to sync a user database with
> plaintext username/password in MySQL, to a CentOS Directory
> Server. Currently I've been pushing the passwords into the
> directory by first creating the SSHA1 hash in python and
> storing '{SSHA}' + encode-string

change password for user

2009-03-07 Thread Jan-Frode Myklebust
I have a script that tries to sync a user database with plaintext username/password in MySQL, to a CentOS Directory Server. Currently I've been pushing the passwords into the directory by first creating the SSHA1 hash in python and storing '{SSHA}' + encode-string in the password field. But, it occur