Hello all,
Here is the issue that I am having. I have recently set up an OpenLDAP
database for my local network. My goal is to use this for authentication for
all clients on my network. I have been able to configure slapd.conf and the
server will start up and run just fine. I have been using the migration
tools to convert from the Linux style passwd file to .ldif files to import
into my shiny new LDAP database. Everything goes smoothly, including the
ldapadd command to import the ldif files. I am importing my users and my
groups, as well as the base information for my site. Everything imports in,
and I can find every user's DN using ldapsearch, but whenever I try to
authenticate with any user imported from the passwd file, it fails
authentication. However, if I go and change the user's password with
ldappasswd then it will let me authenticate just fine for that user. I think
this issue has to do with the fact that ldapadd automatically hashes the
value stored in userPassword, but this seems to be causing issues with the
SMD5 passwords that are stored in my shadow file. I've tried using
{CLEARTEXT}, {CRYPT}, {MD5}, and {SMD5} before the value in the userPassword
field, but no matter what I cannot log in with the user's actual password. Is
there any way to prevent ldapadd from hashing the userPassword value, since
it already is encrypted? If not, what is the correct method for importing
from the passwd file that will not require me to change every user's password
manually once imported into the LDAP directory?

Below is my system setup:
Slackware Linux 12.2
OpenLDAP 2.4.21 compiled from source
passwd file encryption type: Salted MD5
If you need any more information please don't hesitate to ask. I am willing
to provide any information necessary to get this going. Any help or pointers
that I can get on this situation would be GREATLY appreciated.
Thanks,
Steve
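
An added example (not part of the original post): the `$1$` salted-MD5 strings in a Linux shadow file are crypt(3) hashes, a different format from LDAP's {SMD5}, so this script stores each one verbatim under the {CRYPT} scheme in an LDIF modify record. It assumes slapd was built with crypt(3) support (`--enable-crypt`); the base DN and the sample shadow lines are constructed for illustration.

```python
import re

# crypt(3) modular-format ids -> scheme name
CRYPT_IDS = {"1": "md5-crypt", "5": "sha256-crypt", "6": "sha512-crypt"}

# Constructed sample shadow lines; the hash strings are made up, not real hashes.
SAMPLE_SHADOW = """\
alice:$1$Xy7abcde$0123456789abcdefghijkl:14600:0:99999:7:::
bob:!$1$Qw3rtyui$abcdefghijklmnopqrstuv:14600:0:99999:7:::
daemon:*:14600:0:99999:7:::
carol:ab0123456789A:14600:0:99999:7:::
"""

def classify(field):
    """Return (scheme, usable) for the password field of a shadow line."""
    if field in ("", "*", "x") or field.startswith("!"):
        return ("locked-or-empty", False)      # no hash that could ever match
    m = re.match(r"^\$([0-9a-z]+)\$", field)
    if m:                                      # $id$salt$hash modular format
        return (CRYPT_IDS.get(m.group(1), "crypt-id-" + m.group(1)), True)
    if re.fullmatch(r"[./0-9A-Za-z]{13}", field):
        return ("des-crypt", True)             # traditional 13-character crypt
    return ("unknown", False)

def to_ldif(shadow_text, base="ou=People,dc=example,dc=com"):  # hypothetical base DN
    """Build LDIF modify records that keep each hash verbatim under {CRYPT}."""
    records, skipped = [], []
    for line in shadow_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        user, field = line.split(":")[:2]
        scheme, usable = classify(field)
        if not usable:
            skipped.append((user, scheme))     # report instead of importing junk
            continue
        records.append(
            f"dn: uid={user},{base}\n"
            "changetype: modify\n"
            "replace: userPassword\n"
            f"userPassword: {{CRYPT}}{field}\n"
        )
    return "\n".join(records), skipped

if __name__ == "__main__":
    ldif, skipped = to_ldif(SAMPLE_SHADOW)
    print(ldif)
    for user, why in skipped:
        print(f"# skipped {user}: {why}")
```

The printed records are in the form ldapmodify reads; locked and empty entries are listed as comments rather than imported.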