Hi Gerardo,
the 'short strings' You mentioned are 13-character DES password hashes. For security reasons they should not be used anymore if possible.
Putting {crypt} in front of them should be sufficient for conversion.
Normalizing the passwords might become difficult if only their DES hashes are available.
Especially in a heterogenous environment using simple authentication together with ssl/tls will prevent some trouble.
In that case OpenLDAP will take care of the crypto algorithm, creation of password hashes and so on while clients just send plaintext passwords over an encrypted ssl/tls connection to the LDAP server.
This will also prevent trouble if there is no common algorithm supported by all OS flavors and releases in Your environment which use LDAP for authentication.
Regards
Juergen