Hi Everyone: i have a question , how can i change ldapsearch command to check password more than 8 words? my openldap is 2.4.11 (Debian/Lenny) when i use freeradius 2.0.4 to authentication a account, my password is 12345678 , than i type 123456789 , Pass ..... this is radius's log: rlm_ldap: login attempt by "amo" with password "123456789" rlm_ldap: user DN: uid=amo,dc=hello,dc=com rlm_ldap: (re)connect to 127.0.0.1:389, authentication 1 rlm_ldap: bind as uid=amo,dc=hello,dc=com/123456789 rlm_ldap: waiting for bind result ... rlm_ldap: Bind was successful rlm_ldap: user amo authenticated succesfully ++[ldap] returns ok
than i try use ldapsearch search a user (still use password 123456789) ldapsearch -x -b "dc=hello,dc=com" -D "uid=amo,dc=hello,dc=com" -W -h localhost -LLL uid=jojo Enter LDAP Password: pass than find user information. dn: uid=jojo,dc=hello,dc=com shadowLastChange: 123123 loginShell: /bin/csh gidNumber: 102 homeDirectory: /home/jojo uidNumber: 1002
i guess ldapsearch command just check first 8 words, is this a bug or change something can fix it ? thanks a lot