At 12:30 AM 12/8/2006, kadafax wrote:
Hi list, as I don't know if this behavior comes from my slapd itself, I'm not giving too much details on it. Here is what's happening: in slapd.conf I have: 'password-hash {SSHA}' so I'm expecting that each password attribute change results in a new SSHA hashed password.
You need to adjust your expectation. slapd.conf(5) says: This option configures one or more hashes to be used in generation of user passwords stored in the userPassword attribute during processing of LDAP Password Modify Extended Operations (RFC 3062). ... Note that this option does not alter the normal user applications handling of userPassword during LDAP Add, Modify, or other LDAP operations.
The behavior you see is most likely due to one client using the LDAP Password Modify Extended Operation and one client using LDAP Modify to change a userPassword.
- Kurt