sudhakar wrote:
I'm using pwdCheckQuality to enforce password quality restrictions for the userPassword attribute. In order for this to work the password has to be received on the server end in plain text. Which is fine. But when OpenLDAP stores the password it stores it in plain text (base64 encoded).
Is there some overlay that will encrypt the userPassword before storing it?
Read the slapo-ppolicy(5) manpage. e.g. the ppolicy_hash_cleartext option.