8 Jul
2009
8 Jul
'09
11:21 p.m.
Hi,
At Mon, 25 May 2009 13:22:47 GMT, michael@stroeder.com wrote:
fumiyas@osstech.co.jp wrote:
My /etc/openldap/slapd.conf has the following line: password-hash {CRYPT} {SSHA}
What exactly do you want to achieve by this?
I use 'password-hash {CLEARTEXT} {CRYPT}' in my slapd.conf on OpenLDAP 2.3.43 to maintain the clear text password and the crypt(3)-ed password.
The {CLEARTEXT} password can be used for:
1. Generating MD5 has for Digest/CRAM-MD5 authentication. 2. Notifying a user of the user's current password. (This is a rare case, I think.) 3. Migrating users and their passwords to another system in the future. 4. ... and so on.
The {CRYPT} password can be used for old NIS clients.
--
-- Name: SATOH Fumiyasu (fumiyas @ osstech co jp)
-- Business Home: http://www.OSSTech.co.jp/
-- Personal Home: http://www.SFO.jp/blog/