8 Dec
2014
8 Dec
'14
3:44 a.m.
lux-integ wrote:
On Monday 08 December 2014 09:52:11 Michael Ströder wrote:
In case of SASL mechanisms which require 'userPassword' value(s) in clear you would have to implement a reversible encryption password storage schema in an OpenLDAP overlay and adapt some other layer/components to correctly use it
very ineresting has anyhing like this been attempted ?
In a project a collegue implemented a closed source overlay with RSA private key stored on disk.
For open source examples of overlays implementing different password storage methods see directory contrib/slapd-modules/passwd/ in OpenLDAP's source distribution.
Ciao, Michael.