On 08/16/2012 11:33 AM, Emmanuel Lécharny wrote:
You have asked that openLDAP not to encode the UserPassword value, when OpenLDAP does *not* encode anything.
Sorry, I should write slapcat or ldapsearch in the original letter.
The value is *always* store in binary format. This is the LdapSearch utility which encodes in base64 this attribute, which is supposed not to be a String, but a byte array
So, userPassword described in system schema and it can't be changed. And so ldapseach and slapcat print it in base-64 and it's also hardcoded.
Now, if you want to get the String value out of a base64 encoded OctetString AttributeType, you have to write your own tooling...
Ask the question differently.
ldap needs some links for external auth. And as they are text string I'd like to see them as text. Moreover I'd like to specify a template, for example I want to authenticate all inetOrgPerson-s as uid@MYREALM.