All,

I found Quanah’s response to a post (http://www.openldap.org/lists/openldap-devel/201411/msg00012.html), which brought up a question(s).

1)      I have the olcModule pw-sha2.la loaded in “cn=module{0},cn=config”

2)      Looking at Quanahs reply, in the link above, he states:

now, if you want to make something like say, SHA512 the default, then you need to modify the frontend config db:

dn: olcDatabase={-1},cn=config

changetype: modify

replace: olcPasswordHash

olcPasswordHash: {SSHA512}

Now, if I add, something like the above, and the current olcRootPW attribute shows {SSHA}, is that going to modify current password hashes or only going forward?

I tried the above, on cn=config, but received the following error

“According to the schema attribute olcPasswordHash is not allowed”

Thanks in advance,

John D. Borresen (Dave)

Linux/Unix Systems Administrator

MIT  Lincoln Laboratory

Email: john.borresen@ll.mit.edu