Re: SHA-256 Password Support and OpenLDAP2-2.4.46 SLES15SP2
--On Thursday, March 18, 2021 8:32 AM +0000 Dario García Díaz-Miguel
<dgdiaz(a)gmv.com> wrote:
Is it possible that the openldap2 package could have been compiled
with
the module features itself and I just need to add some kind of attribute
or entry to my LDAP directory in order to enable it?
We have tried to use Apache Directory Studio instead of slappasswd and we
have set up a password to SHA256 but the bind won't work. Instead,
CRYPT-SHA256 works so I can't figure out why.
I suppose I'm totally misunderstanding this and the compilation of the
module is required, but a little light ray of hope is there.
The SHA2 password module is a contrib module, so it is not built by
default. At this point, it's advised to use the ARGON2 module available in
current releases of OpenLDAP 2.4 instead. In OpenLDAP 2.5, the argon2
module is a mainline module that I'd expect all distributions to package.
Regards,
Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>