--On Thursday, March 9, 2023 7:51 PM +0100 Stefan Kania stefan@kania-online.de wrote:
Another strange thing about passwords on the same machine. As I told you before, we switch to ssha as paswordhash.
SSHA is rather insecure. The Symas OpenLDAP builds ship with ARGON2 support which is advised to use. I've no idea how you are "changing the password via LDIF". Generally one should be using an LDAP v3 password modify operation for user accounts so that the server generates it automatically if it's been properly configured.
--Quanah