>> Quanah Gibson-Mount <quanah(a)symas.com> schrieb am
14.01.2020 um 17:01 in
‑‑On Tuesday, January 14, 2020 9:08 AM +0100 Ulrich Windl
>> The OS is completely and utterly irrelvant to the discussion. It has no
>> knowledge of the internal hashing mechanism used by OpenLDAP.
> So you are assuming all systems are using the extended operation to
> authenticate? Acually I've see code that reads the LDAP user's password
> and then "combines" that with a password the user has entered.
> In the former case the password encoding matters. I'm not saying the
> pattern is good, but I've seen it.
Then the application is dependent on clear text passwords, not hashed
passwords, and again is irrelevant to this discussion.
If it were cleartext, there would not be issues with the hash algorithm used
No, we were talking about SSHA and sucessors.
Packaged, certified, and supported LDAP solutions powered by OpenLDAP: