On 10/07/2010 09:22 PM, Jason Russler wrote:
> Can the (MD5) password hashes from a shadow file be re-encoded to
> something Apache DS can understand
>
re-encoding is not possible, but you can check which algorithm is used
in your shadow-file (e.g. if the passwords there start with $1$ it's
MD5, see crypt(3) for a list), and then check if ApacheDirServer knows
that algorithm.
Using DirectoryStudio I can see the following hash-algos when setting
a userPassword: SHA, SSHA, MD5, SMD5, CRYPT
(don't know if that list is queried from the server or hardcoded into
DirStudio)
So if you currently have
$1$PzZV2WYK$Asd3JtTFOwR3JnNTPjxDq/
in /etc/shadow, you can try
{MD5}PzZV2WYK$Asd3JtTFOwR3JnNTPjxDq/
as value for the userPassword-attribute.
Disclaimer: Haven't tried this myself :)
hth,
--
Infineon Technologies IT-Services GmbH [email protected]
Lakeside B05, 9020 Klagenfurt, Austria Martin Schuster
FB: LG Klagenfurt, FN 246787y +43 5 1777 3517
