On 06/11/2014 18:32, Martin van Es wrote:
HI Francesco,
On Thu, Nov 6, 2014 at 5:36 PM, Francesco Chicchiriccò
wrote:
Ok, then you need a synchronization action class that, when synchronizing
from LDAP will inspect the password value and remove it from synchronization
attributes if the passwor
HI Francesco,
On Thu, Nov 6, 2014 at 5:36 PM, Francesco Chicchiriccò
wrote:
>
> Ok, then you need a synchronization action class that, when synchronizing
> from LDAP will inspect the password value and remove it from synchronization
> attributes if the password values starts with {SSHA}.
I was h
On 06/11/2014 17:17, Martin van Es wrote:
Hi Francesco,
On Thu, Nov 6, 2014 at 4:34 PM, Francesco Chicchiriccò
wrote:
On 05/11/2014 19:09, Martin van Es wrote:
Hope this clarifies my endavours a bit.
Only a bit, actually :-)
But still I don't get why you are not just using AES on Syncope:
Hi Francesco,
On Thu, Nov 6, 2014 at 4:34 PM, Francesco Chicchiriccò
wrote:
> On 05/11/2014 19:09, Martin van Es wrote:
>> Hope this clarifies my endavours a bit.
>
>
> Only a bit, actually :-)
>
> But still I don't get why you are not just using AES on Syncope: any
> propagation will then be abl
On 05/11/2014 19:09, Martin van Es wrote:
Hi Fransesco,
I agree the setup makes no sense, it is all for the sake of testing. It's a lab!
What I wish to accomplish is to make PWM (via LDAP) leading in
password (re)set, but have the ability to propagate the password at
ANY given time from Syncope
Hi Fransesco,
I agree the setup makes no sense, it is all for the sake of testing. It's a lab!
What I wish to accomplish is to make PWM (via LDAP) leading in
password (re)set, but have the ability to propagate the password at
ANY given time from Syncope in ANY form I would like or need
(depending
On 02/11/2014 21:31, Martin van Es wrote:
Hi Fransesco,
On closer investigation it's not as good as I hoped. It's close, but not close
enough.
I have two test resources. One LDAP and one CSVdir (only push). When I set
password in PWM, it writes a plaintext pwd to userPassword field as config
Hi Fransesco,
On closer investigation it's not as good as I hoped. It's close, but
not close enough.
I have two test resources. One LDAP and one CSVdir (only push). When I
set password in PWM, it writes a plaintext pwd to userPassword field
as configured by slapd's plaintext hashing method. If I
Hi Francesco,
I managed to set pwd in PWM (cleartext in LDAP), sync (full reconcile)
to Syncope and (re)propagate the same password SSHA hashed back to
LDAP.
This scenario more or less fulfills my desired test scenario, apart
from the short time the password lives unencrypted in LDAP, but which
is
Hi Martin,
here's some reply to your questions below.
This hypothetical excercise would require a 2-way encrypted password setup
between OpenLDAP and Syncope. Is this a possible scenario? Would PLAINTEXT
Passwords in LDAP be the only solution?
With Syncope 1.2.0 you can synchronize encrypted
To answer myself, I thought I could tackle this by setting the
password plaintext in LDAP using PWM (using a plaintext password_hash
rule in slapd) and then sync it to Syncope and have it set by it's
SSHA equivalent while propagating the change back to the directory.
This way, the plaintext passwor
Hi,
I'd like to use PWM for Password Self-service management, but that
will only let me set passwords for users in an LDAP server.
https://code.google.com/p/pwm/
How would I make (Open)LDAP password leading for all passwords, but
keep Syncope for propagating users (including passwords) to target
12 matches
Mail list logo