Re: hashed credentials for idassert-bind?

Steve Eckmann wrote:

I thought I could use something like “credentials={SSHA}/iiPJIZ2Srf+O0HqLIypyKYKccx9V6ag” with idassert-bind or acl-bind in configuring an ldap backend in slapd.conf, instead of including the cleartext password. But when I try that I get an “invalid credentials” error from the proxied Active Directory. I’ve carefully regenerated the hashed value with slappasswd and repasted the new value into my slapd.conf file, so I’m pretty sure that the hash is correct.

Clients always need clear-text credentials.

Ciao, Michael.