Am Fri, 21 Sep 2018 09:09:40 +0700 schrieb Olivier Olivier.Nicole@cs.ait.ac.th:
Hi,
LDAP’s userPassowrd stored in the RDB has been already DES hashed by original app. On the other hand, input password from ldapseach command line is CREARTEXT.
I’d like to change certification process of LDAP source file to make input password into DES hashed by using 2 characters of userPassword as its SALT.
That is how LDAP works if it knows that your passwrd is DES.
But the encoding for DES by LDAP may be slightly different from the encoding for DES by your original app.
For a DES encrypted password, LDAP expects to see: userpassword: {CRYPT}6FgwLHWxQzlgA where 6F is the salt (LDAP knows that the 6F is the salt)
So if your RDB only contains 6FgwLHWxQzlgA, you may have to modify that.
[...] slappasswd(8) provides some information on password hashing and salting.
-Dieter