Thanks you very much. My passwords are SSHA encoded so I compiled a patched JtR. Just for the record, I first used ldapsearch to export the userid:userPassword tuples in a file and was trapped by the base64 encoding of SSHA passwords. Using the Net::LDAP perl module to generate this file works great.
Regards, Thierry.
On Wednesday 06 December 2006 15:25, Cleber P. de Souza wrote:
Another option is export you ldap user password on the form userid:userPassword for a file and use John the Ripper to try crack them. Weaks passwords are shown on few minutes. If your password is on SSHA format, you'll need apply a patch on the JtR.
On 12/4/06, Thierry Lacoste lacoste@univ-paris12.fr wrote:
I'm running OpenLDAP 2.3.24 on a production server. As I was in a hurry and discovering LDAP when I installed it, I didn't enforce any password policy.
Now I would like to identify weak passwords to warn their users. What are my options?
Best regards, Thierry.