hadmut@danisch.de wrote:
Howard Chu wrote:
hadmut@danisch.de wrote:
But this opens other questions: Does slapd support multiple password entries?
Of course. The schema definition for userPassword says that it is a multivalued attribute. (Note: "values" not "entries". Seems you need to do some more reading on LDAP basics.)
Well, I don't think there's reason to get rude. Please understand that english is not my first language, and I apologize if I did not meet your expectations.
I don't read that as rude, merely advice. Don't take it personally please.
And I did not ask about LDAP in common, I asked about the slapd implementation. So reading LDAP basics would not answer the question.
As it was pointed out before, the details of this {SASL} authentication scheme are _not_ documented in the slapd manual or any LDAP basics, but somewhere hidden in the FAQs or even partly undocumented.
OpenLDAP supports SASL, SASL does have it's own documentation. Did you try to read any of that?
slappasswd doesn't know anything about that. slapd checks until it finds a match.
That's what I wanted to know. Obviously, as you yourself point out, that's an implementation detail.
Does ldappasswd change all entries or just the one matching the given password?
regards Hadmut
-
ghenry@OpenLDAP.org